NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability."
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows Server 2003 | SP2 | ✔ | ||
| Windows Xp | SP2 | |||
| Windows Xp | SP3 |
CompileCommand
i686-w64-mingw32-gcc CVE-2011-1974.c -o CVE-2011-1974.exe -lws2_32
Test system Windows Server 2003 SP2 x86,First, you need to modify the registry and open service with an administrator.
Then cut back to ordinary users
