vendor:
Kartoffel
by:
Rubén
8.8
CVSS
HIGH
MS08-066
119
CWE
Product Name: Kartoffel
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2008-4250
CPE: Unknown
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008
K-plugin for Kartoffel Exploit
This exploit is related to the MS08-066 bulletin and is a k-plugin for Kartoffel. It exploits a flaw patched in the recent MS08-066 bulletin. Researchers interested in digging a little bit more into this flaw can take a look at afd!AfdGetRemoteAddress and/or check the blog post at http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx
Mitigation:
Patch the vulnerability