Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability."
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 2000 | SP4 | |||
| Windows Server 2003 | SP2 | ✔ | ||
| Windows Server 2008 | SP2 | |||
| Windows Server 2008 | X64/X86 | |||
| Windows Vista | ||||
| Windows Vista | SP1 | |||
| Windows Vista | SP2 | |||
| Windows Xp | ||||
| Windows Xp | SP3 |
CompilerEnvironment
- nmake 2013
Test system Windows Server 2003 SP2 x86
MSF utilization
Test system Windows Server 2003 SP2 x86,Perform the following code
use exploit/windows/local/ms10_015_kitrap0d
set SESSION 3
run
You can see that the current permissions are the lowest.
Then execute command rights
