Bugtraq mailing list archives
[REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock.
From: Reversemode <advisories () reversemode com>
Date: Wed, 14 Jun 2006 00:11:20 +0200
Microsoft Kernel Object Manager is prone to a deadlock vulnerability which could be exploitable, making unkillable any desired process running on the affected machine. + Paper/Advisory -Reversing mrxsmb.sys, Chapter II "NtClose DeadLock" - (pdf) + Exploit Code (c source code) Both two can be downloaded at www.reversemode.com This issue seems to be addressed in the recent bulletin MS06-030. Rubén Santamarta, www.reversemode.com
Current thread:
- [REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock. Reversemode (Jun 13)