CVE Vulnerability

CVE-2008-5725

The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to DevicePowerstrip1 that overwrites portions of memory.

7.2 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.ntinternals.org/ntiadv0810/ntiadv0810.html Exploit
http://secunia.com/advisories/33249 Vendor Advisory
http://securityreason.com/securityalert/4809
http://www.securityfocus.com/bid/32961
https://exchange.xforce.ibmcloud.com/vulnerabilities/47532
https://www.exploit-db.com/exploits/7533
Configurations

Configuration 1

cpe:2.3:a:entechtaiwan:powerstrip:3.80:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.56:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.83:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.51:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:*:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.15:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.78:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.54:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.46:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.77:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.62:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.28:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.75:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.57:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.58:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.00:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.72:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.70:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.76:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.43:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.60:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.81:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.64:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.11:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.18:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.65:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.26:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.59:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.44:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.52:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.40:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.29:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.02:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.45:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.49:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.73:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.63:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.53:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.16:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.25:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.12:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.55:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.50:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.74:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.01:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.61:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.47:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.10:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.20:*:*:*:*:*:*:*
cpe:2.3:a:entechtaiwan:powerstrip:3.30:*:*:*:*:*:*:*
Information

Published : 2008-12-26 05:30

Updated : 2017-09-29 01:32

NVD link : CVE-2008-5725

Mitre link : CVE-2008-5725

Products Affected
No products.
CWE
CWE-264