|31st December 2012, 11:16||#1|
Nvidia Display Driver Service is insecure
An insecurity expert has found a vulnerability in the Nvidia Display Driver Service that could give administrator privileges on Windows machines to hackers.
Peter Winter-Smith, formerly with NGS Software of the UK, posted details of the vulnerability to Pastebin.
He claimed that the service is vulnerable to a stack buffer overflow that bypasses data execution prevention (DEP) and address space layout randomisation (ASLR).
The hole applies to every Windows operating system since Windows Vista.
He said that the service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context should be able to exploit this vulnerability.
Winter-Smith wrote that the buffer overflow occurs as a result of a bad memmove operation.
Fortunately for Nvidia the vulnerability is difficult to exploit because it mostly affects a domain-based machine, where there are relaxed firewall rules and filesharing is switched on. This is like a network manager having their server set to "please hack my server, I have no interest in staying in the industry".
But if they were daft enough, there are a few servers out there which have settings more liberal than Finland.
Winter-Smith said he wanted to share the exploit in a timely fashion, rather than report it, but said that the risk from this particular flaw being exploited was sufficiently low that he didn't think it would warrant the wait.
Curiously when we went and had a look at the Pastebin entry this morning, Winter-Smith had pulled the post. He said that it had "caused a few of his friends a few problems". It is not clear who the friends were, or if Nvidia had been having a quiet word with him, his friends, or he had woken up with a decapitated press release in his bed.
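The NULL DACL mentioned in the post is easy to confuse with an empty DACL, which has the opposite effect. The Python below is an added illustration for auditing, not part of the original post or of Winter-Smith's write-up: it classifies a self-relative Windows security descriptor by its DACL. The function names and the sample descriptors are constructed for the example, and reading the descriptor from a live pipe is not shown.

```python
import struct

SE_DACL_PRESENT = 0x0004    # Control bit: descriptor carries a DACL field
SE_SELF_RELATIVE = 0x8000   # Control bit: fields are offsets, not pointers

def classify_dacl(sd: bytes) -> str:
    """Classify the DACL of a self-relative security descriptor.

    'null-dacl'  : no DACL at all, Windows grants everyone full access
    'empty-dacl' : DACL with zero ACEs, nobody is granted access
    'has-aces'   : DACL with entries that must be reviewed one by one
    """
    if len(sd) < 20:
        raise ValueError("truncated security descriptor header")
    # Header: Revision, Sbz1, Control, then Owner/Group/SACL/DACL offsets.
    rev, _, control, _owner, _group, _sacl, dacl_off = struct.unpack_from("<BBHIIII", sd)
    if rev != 1 or not control & SE_SELF_RELATIVE:
        raise ValueError("not a revision-1 self-relative descriptor")
    if not control & SE_DACL_PRESENT or dacl_off == 0:
        return "null-dacl"
    if dacl_off + 8 > len(sd):
        raise ValueError("DACL offset points outside the descriptor")
    # ACL header: AclRevision, Sbz1, AclSize, AceCount, Sbz2.
    _acl_rev, _, _acl_size, ace_count, _ = struct.unpack_from("<BBHHH", sd, dacl_off)
    return "has-aces" if ace_count else "empty-dacl"

# --- Constructed sample data (owner, group and SACL omitted) ---
def build_sd(control: int, dacl: bytes = b"") -> bytes:
    dacl_off = 20 if dacl else 0
    header = struct.pack("<BBHIIII", 1, 0, control | SE_SELF_RELATIVE, 0, 0, 0, dacl_off)
    return header + dacl

def build_acl(*aces: bytes) -> bytes:
    body = b"".join(aces)
    return struct.pack("<BBHHH", 2, 0, 8 + len(body), len(aces), 0) + body

# ACCESS_ALLOWED_ACE for BUILTIN\Administrators (S-1-5-32-544), GENERIC_ALL
ADMIN_SID = struct.pack("<BB6sII", 1, 2, b"\x00\x00\x00\x00\x00\x05", 32, 544)
ADMIN_ACE = struct.pack("<BBHI", 0, 0, 8 + len(ADMIN_SID), 0x10000000) + ADMIN_SID

SAMPLES = {
    "no DACL (as reported for the pipe)": build_sd(SE_DACL_PRESENT),
    "empty DACL": build_sd(SE_DACL_PRESENT, build_acl()),
    "administrators only": build_sd(SE_DACL_PRESENT, build_acl(ADMIN_ACE)),
}

if __name__ == "__main__":
    for name, sd in SAMPLES.items():
        print(f"{name}: {classify_dacl(sd)}")
```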