[REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock. Jun 13 2006 10:11PM
Reversemode (advisories reversemode com)

Microsoft Kernel Object Manager is prone to a deadlock vulnerability
which could be exploitable, making unkillable any desired process
running on the affected machine.

+ Paper/Advisory -Reversing mrxsmb.sys, Chapter II "NtClose DeadLock" -
+ Exploit Code (c source code)

Both two can be downloaded at www.reversemode.com

This issue seems to be addressed in the recent bulletin MS06-030.

Rubén Santamarta,

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus