header-logo
Suggest Exploit
vendor:
Windows NT
by:
SecurityFocus
7.2
CVSS
HIGH
Kernel Object Namespace Manipulation
427
CWE
Product Name: Windows NT
Affected Version From: Windows NT 4.0
Affected Version To: Windows NT 4.0
Patch Exists: Yes
Related CWE: N/A
CPE: o:microsoft:windows_nt:4.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Kernel Object Namespace Manipulation in NT

The names and mappings of kernel objects in NT are cached in the 'object namespace'. In this area, DLL mappings are kept in a section called KnownDlls. By manipulating the namespace, it is possible to redirect calls to arbitrary dlls.

Mitigation:

Ensure that the system is running the latest version of the operating system and that all security patches have been applied.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/234/info

The names and mappings of kernel objects in NT are cached in the "object namespace". In this area, DLL mappings are kept in a section called KnownDlls. By manipulating the namespace, it is possible to redirect calls to arbitrary dlls.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19198.zip

Navigation

Suggest Exploit

Services By CQR