CVE-2008-5229

Microsoft Windows Vista Gold & SP1 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5229. PoCs published by Marius Wachtler.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Microsoft Windows Vista's IP forwarding table handling via the `CreateIpForwardEntry2` function. The PoC manipulates the `PrefixLength` field to trigger the overflow, potentially leading to denial-of-service or privilege escalation.

Description

Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marius Wachtler · clocalwindows

https://www.exploit-db.com/exploits/32590

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Microsoft Windows Vista's IP forwarding table handling via the `CreateIpForwardEntry2` function. The PoC manipulates the `PrefixLength` field to trigger the overflow, potentially leading to denial-of-service or privilege escalation.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Windows Vista SP1

Auth required

Prerequisites: Administrative privileges · Local access to the target system

MITRE ATT&CK