CVE-2017-6008
Sophos HitmanPro Kernel Pool Overflow
Description
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.
INFO
Published Date :
Sept. 13, 2017, 8:29 a.m.
Last Modified :
Oct. 29, 2017, 1:29 a.m.
Source :
[email protected]
Remotely Exploitable :
No
Impact Score :
5.9
Exploitability Score :
1.8
Public PoC/Exploit Available at Github
CVE-2017-6008 has a 14 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2017-6008
.
URL | Resource |
---|---|
https://github.com/cbayet/Exploit-CVE-2017-6008 | Exploit Third Party Advisory |
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/ | Exploit Technical Description Third Party Advisory |
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7/ | Exploit Technical Description Third Party Advisory |
https://www.exploit-db.com/exploits/43057/ | |
https://www.nuitduhack.com/fr/planning/talk_10 | Third Party Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
exploit hevd kernel windows
C C++
None
A curated list of my GitHub stars! Generated by starred
None
笔者的在原作者池风水利用工具(以下简称工具)基础上进行二次开发,新增了全自动获取内核调试模块符号的偏移量及配置参数和不同漏洞利用方式优化等功能, 解决了不同Windows版本适配问题,工具包括适配驱动和利用程序两部分组成,实现了在Windows 10 19H1之后任意版本包括满补丁系统上的稳定利用.
C C++ PowerShell
None
None
平常看到好的渗透hacking工具和多领域效率工具的集合
web hacking awesome-list hacker hacking-tool kali-scripts hacking-tools pentesting-tools pentest-scripts bounty-hunters bug-bounty bugbounty bugbounty-tool
None
None
None
windows kernel security development
rootkit bootkit antirootkit antivirus shellcode driver framework
Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.
C++
✍️ A curated list of CVE PoCs.
awesome cve poc
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2017-6008
vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2017-6008
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Modified by [email protected]
Oct. 29, 2017
Action Type Old Value New Value Added Reference https://www.exploit-db.com/exploits/43057/ [No Types Assigned] -
Initial Analysis by [email protected]
Sep. 21, 2017
Action Type Old Value New Value Added CVSS V2 (AV:L/AC:L/Au:N/C:P/I:P/A:P) Added CVSS V3 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Changed Reference Type https://www.nuitduhack.com/fr/planning/talk_10 No Types Assigned https://www.nuitduhack.com/fr/planning/talk_10 Third Party Advisory Changed Reference Type https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7/ No Types Assigned https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7/ Exploit, Technical Description, Third Party Advisory Changed Reference Type https://github.com/cbayet/Exploit-CVE-2017-6008 No Types Assigned https://github.com/cbayet/Exploit-CVE-2017-6008 Exploit, Third Party Advisory Changed Reference Type https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/ No Types Assigned https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/ Exploit, Technical Description, Third Party Advisory Added CWE CWE-119 Added CPE Configuration OR *cpe:2.3:a:sophos:hitmanpro:3.7.20:*:*:*:*:*:*:* (and previous)
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2017-6008
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2017-6008
weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
0.08 }} 0.00%
score
0.30199
percentile