| عنوان | eScan, PROCOBSRVESX.SYS, DoS |
|---|
| الوصف | Version: eScan 22.0.1400.2443, PROCOBSRVESX.SYS x.x.x.x
https://www.escanav.com/en/mwav-tools/download-free-antivirus-toolkit.asp
Impact: Denial of Service
Description: From IoControlCode 0x22E008u, a normal user can cause null pointer dereference due to the lack of validating kernel handle before using ZwDuplicateObject.
Reproduce: In the attached file DoS.zip, there are DoS.exe, DoS.cpp, iwn4k3ek.exe, and PROCOBSRVESX.sys. DoS.exe is the PoC to cause DoS where iwn4k3ek.exe which contains the vulnerable driver PROCOBSRVESX.sys is installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, install iwn4k3ek.exe and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS
https://drive.google.com/file/d/1fvlP0d9HmApjWhYDjgsdco7g7FPsbn0V/view?usp=sharing |
|---|
| المصدر | ⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned48 |
|---|
| المستخدم | Zeze7w (UID 40823) |
|---|
| ارسال | 14/05/2023 03:48 PM (3 سنوات منذ) |
|---|
| الاعتدال | 24/05/2023 07:19 PM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 229854 [eScan Antivirus 22.0.1400.2443 IoControlCode PROCOBSRVESX.SYS 0x22E008u الحرمان من الخدمة] |
|---|
| النقاط | 20 |
|---|