Vulnerability Description
The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Entechtaiwan | Powerstrip | <= 3.84 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33249Vendor Advisory
- http://securityreason.com/securityalert/4809
- http://www.ntinternals.org/ntiadv0810/ntiadv0810.htmlExploit
- http://www.securityfocus.com/bid/32961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47532
- https://www.exploit-db.com/exploits/7533
- http://secunia.com/advisories/33249Vendor Advisory
- http://securityreason.com/securityalert/4809
- http://www.ntinternals.org/ntiadv0810/ntiadv0810.htmlExploit
- http://www.securityfocus.com/bid/32961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47532
- https://www.exploit-db.com/exploits/7533
FAQ
What is CVE-2008-5725?
CVE-2008-5725 is a vulnerability with a CVSS score of 7.2 (HIGH). The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Dev...
How severe is CVE-2008-5725?
CVE-2008-5725 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5725?
Check the references section above for vendor advisories and patch information. Affected products include: Entechtaiwan Powerstrip.