Message-ID: <75c2fdd3-818f-ab81-c242-c5692ef6876c@tempest.com.br>
Date: Thu, 12 Jul 2018 16:17:34 -0300
From: filipe <filipe.xavier@...pest.com.br>
To: fulldisclosure@...lists.org
Subject: [FD] eScan ISS for Business v14.0.1400.2029 - BSOD through of a
IOCTL
=====[ Tempest Security Intelligence - ADV-24/2018 ]===
eScan ISS for Business v14.0.1400.2029 - BSOD through of a IOCTL
Author: Filipe Xavier Oliveira
Tempest Security Intelligence - Recife, Pernambuco - Brazil
=====[ Table of Contents ]=====================================================
* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References
=====[ Overview ]==============================================================
* System affected : eScan ISS for Business[1].
* Software Version : 14.0.1400.2029 (other versions may also be affected).
* Impact : A user may be affected by opening a malicious executable,
=====[ Detailed description ]==================================================
In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys
allows a non-privileged user to send a 0x830020E0 IOCTL request to
\\.\econceal to cause a denial of service (BSOD).
=====[ Aggravating factors ]===================================================
A malicious executable can cause a BSOD on the system through the antivirus driver.
=====[ Timeline of disclosure ]===============================================
04/17/2018 - Vulnerability reported.
04/21/2018 - The vendor received the report and will check the vulnerability.
07/12/2018 - The vendor did not respond.
07/12/2018 - CVE assigned [2]
=====[ Thanks & Acknowledgements ]============================================
- Tempest Security Intelligence / Tempest's Pentest Team [3]
=====[ References ]===========================================================
[1] https://www.escanav.com/en/windows-antivirus/corporate-edition-with-hybrid.asp
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10098
[3] http://www.tempest.com.br
=====[ EOF ]====================================================================
--
Filipe Oliveira
Tempest Security Intelligence