3DNow
February 3, 2012, 11:20am
#1
Comodo Internet Security 2012 cmdguard.sys <= 5.9.25057.2197 Local Kernel Mode D.O.S Exploit
Date: 2012-2-3
Author : 3DNow
Version: Comodo Internet Security 2012 5.9.221665.2197
Tested on: Windows XP SP3
As picture shown , CIS 5.9 , enable D+ and sandbox, system will crash after run POC program.
POC is in attachment , password as well.
[attachment deleted by admin]
3DNow
February 3, 2012, 11:36am
#3
password is same as my previous post , and for comodo staff only.
Mature
February 3, 2012, 11:48am
#4
OP should claim that this BSOD flaw is for comodo’s un-behaving about the previous critical kernel flaw for almost 24 hours after getting the POC
Can you give me the password so that I can check it I get the BSOD or not?
I will check on real system XP SP3.
I guess you too checked on real system.
cookies
February 3, 2012, 12:13pm
#7
Can you give me the password so that I can check it I get the BSOD or not?
I will check on real system XP SP3.
I guess you too checked on real system.
He has claimed the password is only for staff.
if your chinese is good enough, you can see this post. http://bbs.kafan.cn/thread-1214565-1-1.html
I think the google translate version is also very powerful ;D
http://translate.google.co.in/translate?hl=en&sl=zh-CN&tl=en&u=http%3A%2F%2Fbbs.kafan.cn%2Fthread-1214565-1-1.html
Actually I want to test it.
egemen
February 3, 2012, 3:11pm
#9
Ok lets see what this issue is about.
However in the future, the ethical way to follow would be reporting the vulnerability to us in private, let us fix the issue and issue the update before you disclose the vulnerability.
This way we will be able to protect the customers before they are exploited. And in the updates, we will officially thank and credit you.
This is an unwritten rule in the security industry and its the best path to follow. You can PM me on these any time.
Thanks,
Egemen
Comodo Internet Security 2012 cmdguard.sys <= 5.9.25057.2197 Local Kernel Mode D.O.S Exploit
Date: 2012-2-3
Author : 3DNow
Version: Comodo Internet Security 2012 5.9.221665.2197
Tested on: Windows XP SP3
As picture shown , CIS 5.9 , enable D+ and sandbox, system will crash after run POC program.
POC is in attachment , password as well.
3DNow
February 3, 2012, 3:20pm
#10
Ok lets see what this issue is about.
However in the future, the ethical way to follow would be reporting the vulnerability to us in private, let us fix the issue and issue the update before you disclose the vulnerability.
This way we will be able to protect the customers before they are exploited. And in the updates, we will officially thank and credit you.
This is an unwritten rule in the security industry and its the best path to follow. You can PM me on these any time.
Thanks,
Egemen
I just fllow this “rule” : the zip file contains exploit is encrypted with password(more than 30 digits) , and only your staff have that password.
(I using PGP desktop before , that’s more secure ,but your staff told me he do not have pgp software~)
egemen
February 3, 2012, 3:21pm
#11
I just fllow this “rule” : the zip file contains exploit is encrypted with password(more than 30 digits) , and only your staff have that password.
(I using PGP desktop before , that’s more secure ,but your staff told me he do not have pgp software~)
Excellent thanks. I will PM you my email and you can use it in the future for direct contact.
Thanks egemen, Will a fix for this also be in the upcoming 5.10 you were referring to in 3DNow’s other topic?