Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability
09 January 2008

iDefense has published an advisory for a vulnerability in the Motorola netOctopus Agent which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can reliably execute malicious code in ring 0 by hijacking the SYSENTER_EIP_MSR via an improperly exposed interface in the NantSys device driver.

You can read the full iDefense advisory here:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=636

You can read Motorola's fix for the issue here:
http://www.netopia.com/support/software/technotes/netoctopus/Removing_the_nantsys_Driver.pdf [PDF]

Labels:

Digg This Story Bookmark in del.icio.us Slashdot This!


Archives


Copyright © Harmony Security 2008