Immunity, Inc.
Name ESET_EpFwNDIS
CVE CVE-2014-4973
Exploit Pack CANVAS
Description EpFwNDIS.sys Trusted Value Vulnerability
Repeatability: Infinite
Notes:
This module exploits a vulnerability in the ESET Personal Firewall NDIS filter driver (EpFwNdis.sys).
Firewall Module Build 1183 (20140214) and earlier, as shipped with ESET Smart Security and ESET Endpoint
Security products 5.0 through 7.0, is vulnerable.
While processing the input buffer of IOCTL 0x830020CC the driver trusts a caller-supplied value. The
value the driver expects can be obtained through another IOCTL that has an information leak. Once the correct
value is known, a NULL page dereference can be triggered. Turning that dereference into code execution
requires mapping the NULL page from user mode, which Windows 8 and later refuse; the tested platform below is
Windows XP.
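The pattern described above (an information-leak IOCTL that hands out the value a second IOCTL expects, after which that second IOCTL trusts a caller-supplied index and reaches a NULL slot), as an added user-mode simulation. This is illustrative code written for this page; it is not the ESET driver's code and is not derived from it. The structure layouts, the table of four entries, the secret value and the STATUS_* codes are all constructed for the example. The hardened handler beside it shows the checks a driver should apply to a METHOD_BUFFERED request: exact-size check, single copy of the request, bounds check on the index and rejection of empty slots.

```c
/*
 * Added illustrative simulation (not the ESET driver's code and not derived
 * from it): the "trusted value" IOCTL pattern, run in user mode so that the
 * NULL slot is observed instead of dereferenced. All layouts and values are
 * constructed for the example.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define ENTRY_COUNT 4

enum { STATUS_SUCCESS = 0, STATUS_BUFFER_TOO_SMALL = 1,
       STATUS_ACCESS_DENIED = 2, STATUS_INVALID_PARAMETER = 3 };

/* Simulated driver state. 'secret' is the value the second IOCTL expects the
 * caller to know; 'entries' is a table it indexes with a caller-supplied index. */
typedef struct {
    uint32_t  secret;
    uint32_t *entries[ENTRY_COUNT];
} driver_state_t;

typedef struct {
    uint32_t magic;   /* must equal state->secret */
    uint32_t index;   /* selects entries[index] */
} use_value_in_t;

static uint32_t demo_values[2] = { 11, 22 };   /* constructed sample data */

static void init_demo_state(driver_state_t *st) {
    memset(st, 0, sizeof(*st));
    st->secret = 0xC0FFEE42u;          /* constructed sample value */
    st->entries[0] = &demo_values[0];
    st->entries[1] = &demo_values[1];
    /* entries[2] and entries[3] stay NULL: unused slots */
}

/* Info leak: copies the whole state struct to the caller, secret included. */
static int ioctl_get_state_leaky(const driver_state_t *st, void *out, size_t out_len) {
    if (out_len < sizeof(*st)) return STATUS_BUFFER_TOO_SMALL;
    memcpy(out, st, sizeof(*st));
    return STATUS_SUCCESS;
}

/* What the attacker does with the leak: recover the value the driver expects. */
static uint32_t leak_secret(const driver_state_t *st) {
    driver_state_t copy;
    if (ioctl_get_state_leaky(st, &copy, sizeof(copy)) != STATUS_SUCCESS) return 0;
    return copy.secret;
}

/* Vulnerable handler: once 'magic' matches it trusts 'index' completely.
 * In kernel mode entries[index] would be dereferenced on the spot; a NULL slot
 * is the NULL page dereference. Here the pointer is handed back so the caller
 * can observe it. (Only in-range indices are used by the demo, since an
 * out-of-range read is undefined behaviour in user mode too.) */
static int ioctl_use_value_vuln(driver_state_t *st, const void *in, size_t in_len,
                                uint32_t **target) {
    const use_value_in_t *req = in;
    if (in_len < sizeof(*req)) return STATUS_BUFFER_TOO_SMALL;
    if (req->magic != st->secret) return STATUS_ACCESS_DENIED;
    *target = st->entries[req->index];   /* no bounds check, no NULL check */
    return STATUS_SUCCESS;
}

/* Hardened handler: copies the request once (no double fetch), requires the
 * exact size, bounds-checks the index and refuses empty slots. Knowing 'magic'
 * is not treated as authorisation; access control belongs on the device
 * object's security descriptor, not in the request payload. */
static int ioctl_use_value_safe(driver_state_t *st, const void *in, size_t in_len,
                                uint32_t *result) {
    use_value_in_t req;
    if (in_len != sizeof(req)) return STATUS_INVALID_PARAMETER;
    memcpy(&req, in, sizeof(req));
    if (req.index >= ENTRY_COUNT) return STATUS_INVALID_PARAMETER;
    if (st->entries[req.index] == NULL) return STATUS_INVALID_PARAMETER;
    *result = *st->entries[req.index];
    return STATUS_SUCCESS;
}

int main(void) {
    driver_state_t st;
    init_demo_state(&st);
    use_value_in_t req = { leak_secret(&st), 2 };   /* slot 2 is NULL */
    uint32_t *target = NULL;
    uint32_t value = 0;
    int rc = ioctl_use_value_vuln(&st, &req, sizeof(req), &target);
    printf("vulnerable: rc=%d target=%p (NULL page dereference)\n", rc, (void *)target);
    rc = ioctl_use_value_safe(&st, &req, sizeof(req), &value);
    printf("hardened:   rc=%d (request rejected)\n", rc);
    return 0;
}
```

The point of the pairing is that the leaked secret is not a security boundary: once any local user can read it, the only thing standing between the input buffer and the kernel dereference is the validation in the handler itself.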

References:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/

Tested on:
Windows XP Professional SP3 x86 (ESET Smart Security 7.0.302.0)


VENDOR: ESET
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4973
CVE Name: CVE-2014-4973

Learn more about the CANVAS Exploit Pack here: CANVAS