Published: 16/06/2011 Updated: 28/09/2020

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 732

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows vista
microsoft windows server 2008
microsoft windows 7 -
microsoft windows server 2008 r2
microsoft windows xp
microsoft windows server 2008 -
microsoft windows xp -
microsoft windows 2003 server
microsoft windows server 2003

Windows x86 afdsys privilege escalation exploit that leverages the issue outlined in MS11-046 ...

/* ################################################################ # Exploit Title: Windows x86 (all versions) AFD privilege escalation (MS11-046) # Date: 2016-10-16 # Exploit Author: Tomislav Paskalev # Vulnerable Software: # Windows XP SP3 x86 # Windows XP Pro SP2 x64 # Windows Server 2003 SP2 x86 # Windows Server 2003 SP2 x64 # Window ...

/* MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S Ronnie Johndas wrote the writeup dissecting a malware with this exploit I Rahul Sasi(fb1h2s) just made the POC exploit available Reference: ms8-66, ms6-49 ************************************************************* ...

1What is the name of the service is running on TCP port 21 on the target machine? First i need to use nmap, here is the switch i used: nmap -sCV results: That how we see, port 21 is Microsoft ftpd, we also see in this scan that we can login as Anonymous 2Which basic FTP command can be used to upload a single file onto the server? We can check this by man ftp 3Are files p

Microsoft Windows - 'afd.sys' Local Kernel Privilege Escalation Exploit Report (CVE-2011-1249)

OHTS Microsoft Windows - 'afdsys' Local Kernel Privilege Escalation Exploit Report (CVE-2011-1249)

CVE-2011-1249 🖥️ -k4u5h41- Microsoft Windows (x86) - 'afdsys' Local Privilege Escalation (MS11-046) apt install mingw-w64 i686-w64-mingw32-gcc 40564c -o newshellexe -lws2_32

CWE-264 https://www.exploit-db.com/exploits/40564/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12731 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-046 https://nvd.nist.gov https://github.com/Anogota/HTB-Devel https://github.com/Madusanka99/OHTS https://packetstormsecurity.com/files/139196/Windows-x86-afd.sys-Privilege-Escalation.html https://www.exploit-db.com/exploits/40564/

CVE-2011-1249

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect