module
MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference
Disclosed | Created |
---|---|
Nov 11, 2014 | May 30, 2018 |
Disclosed
Nov 11, 2014
Created
May 30, 2018
Description
A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys
can allow a local attacker to trigger a NULL pointer dereference by using a
specially crafted IOCTL. This flaw can be abused to elevate privileges to
SYSTEM.
can allow a local attacker to trigger a NULL pointer dereference by using a
specially crafted IOCTL. This flaw can be abused to elevate privileges to
SYSTEM.
Authors
Matt Bergin level@korelogic.com
Jay Smith jsmith@korelogic.com
Jay Smith jsmith@korelogic.com
Platform
Windows
Architectures
x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.