Thursday, 10 January 2008

Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability

iDefense has published an advisory for a vulnerability in the Motorola netOctopus Agent which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can reliably execute malicious code in ring 0 by hijacking the SYSENTER_EIP_MSR via an improperly exposed interface in the NantSys device driver.

You can read the full iDefense advisory here:

You can read Motorola's fix for the issue here: [PDF]