Full title: Microsoft Windows Server 2003 SP2 - Privilege Escalation Exploit 
Category: local exploits
Platform: windows
The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an attacker to elevate privileges. Proof of concept exploit included.

# 0day.today @ http://0day.today/