Exploit for MS08-066 - AFD.sys kernel memory overwrite.

[Reversemode <advisories () reversemode com>]

Hi,

I have just uploaded a k-plugin for Kartoffel, which exploits a flaw
patched in the recent MS08-066 bulletin.

http://kartoffel.reversemode.com/downloads.php


For those researchers interesting in digging a little bit more into this
flaw, just take a look at afd!AfdGetRemoteAddress and/or check this out

http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx

Regards,
Rubén.