CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17804
https://notcve.org/view.php?id=CVE-2017-17804
20 Dec 2017 — In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084. En IKARUS anti.virus 2.16.20, el archivo del controlador (ntguard.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x83000084. • https://github.com/rubyfly/IKARUS_POC/tree/master/0x83000084 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17112
https://notcve.org/view.php?id=CVE-2017-17112
04 Dec 2017 — ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request. ntguard_x64.sys 0.18780.0.0 en IKARUS anti.virus 2.16.15 tiene una vulnerabilidad de corrupción de grupos mediante una petición 0x83000058 DeviceIoControl. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Pool_Corruption_1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17113
https://notcve.org/view.php?id=CVE-2017-17113
04 Dec 2017 — ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request. ntguard_x64.sys 0.18780.0.0 en IKARUS anti.virus 2.16.15 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición 0x830000c4 DeviceIoControl. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Null_Pointer_Dereference_1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17114
https://notcve.org/view.php?id=CVE-2017-17114
04 Dec 2017 — ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request. ntguard.sys y ntguard_x64.sys 0.18780.0.0 en IKARUS anti.virus 2.16.15 tiene una vulnerabilidad de corrupción de memoria mediante una petición 0x83000084 DeviceIoControl. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Memory_Corruption_1_0x83000084 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2017-14961 – IKARUS anti.virus 2.16.7 - 'ntguard_x64' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-14961
13 Nov 2017 — In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. En la versión 2.16.7 de IKARUS anti.virus, el controlador ntguard.sys contiene una vulnerabilidad de escritura arbitraria debido a que no valida valores de entrada de IOCtl 0x8300000c. IKARUS AntiVirus version 2.16.7 suffers from an ntguard_x64 privilege escalation vulnerability. • https://packetstorm.news/files/id/144955 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 7%CPEs: 1EXPL: 2CVE-2017-15643 – Ikraus Anti Virus 2.16.7 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-15643
19 Oct 2017 — An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first forces the client to initiate an update transaction by modifying an update field within an HTTP 200 response, so that it refers to a nonexistent update. The attacker then modifies the HTTP 404 response so that it specifies a success... • https://www.exploit-db.com/exploits/44055 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •