• home
• research
• tools
• other stuff
• about
• contact

quick.links

• my blog
• members login
• archive
• news
• links
• rss

recent.news

2009-12-18 - The slides from my recent presentation at CRESTCon 2009, the 'replacement' for CHECKCon, are now online! exploit code for the demonstrations [...]

2009-03-30 - We (by we, I mean myself and christer) recently demonstrated a score of local (and indeed a remote) kernel vulnerabilities [...]

:.home^3.1415926..

0day Disk Encryption Driver Bugs @CRESTCon 2009!

Posted on: 2009-12-18

The slides from my recent presentation at CRESTCon 2009, the 'replacement' for CHECKCon, are now online! exploit code for the demonstrations will follow very soon!

recent.additions

• May 26-10
  - SecurStar DriveCrypt <= 5.4 Local Kernel ring0 Code Execution
  [ drivecrypt-dcr.c ]
• May 26-10
  - SecurStar DriveCrypt <= 5.4 Local Kernel Arbitrary File Read/Write Exploit
  [ drivecrypt-fopen.c ]
• April 26-10
  - NovaSTOR NovaNet <= 12.0 Remote Memory Read/Denial of Service
  [ novanet-read.c - BID-39693 ]
• April 26-10
  - NovaSTOR NovaNet <= 12.0 Remote Code Execution
  [ novanet-own.c - novanet-own-lnx.c - BID-39693 ]
• April 26-10
  - NovaSTOR NovaNet/NovaBACKUP Network <= 13.0 Remote Denial of Service
  [ novanet-dos.c - BID-39693 ]
• January 15-10
  - is SafeCentral actually unsafe?
  [ link ]
• January 15-10
  - Authentium SafeCentral <= 2.6 shdrv.sys Local Kernel Denial of Service/ring0 Code Execution
  [ safecentral-unharden.c - BID-37939 ]
• January 15-10
  - Authentium SafeCentral <= 2.6 shdrv.sys Local Kernel ring0 Code Execution
  [ safecentral-unharden-v2.c - BID-37939 ]
• December 22-09
  - CRESTCon 2009: "[Win32] Full/Virtual Disk Encryption Vulnerabilities"
  [ link - presentation (pdf) ]
• October 02-09
  - VMware Fusion <= 2.0.5 vmx86 kext Local Kernel Denial of Service
  [ vmware-pop.c - CVE-2009-3282 - BID-36579 ]