Windows NTVDM bop exploit v1.13 Vulnerability exploited: CAN-2004-0208 - BID-11369 Category: Exploits/Local Gets SYSTEM privileges under Windows using a virtual DOS machine vulnerability. A vulnerability exists in the system component that handles the Virtual DOS Machine (VDM) subsystem. A local attacker may exploit this vulnerability in order to run code with elevated privileges, fully compromising the vulnerable computer.This module exploits that vulnerability to change the agent's process access token, gaining SYSTEM privileges. Supported Systems: Windows NT4 Workstation - sp6a (i386) Windows NT4 Server - sp6a (i386) Windows NT4 Enterprise Server - sp6a (i386) Windows 2000 Advanced Server - sp4 (i386) Windows 2000 Advanced Server - sp3 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Professional - sp4 (i386) Windows 2000 Professional - sp3 (i386) Windows 2000 Professional - sp2 (i386) Windows 2000 Professional - sp1 (i386) Windows 2000 Professional - sp0 (i386) Windows 2000 Server - sp4 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp0 (i386) Windows XP Professional - sp0 (i386) Windows XP Professional - sp1 (i386) Windows XP Home Edition - sp0 (i386) Windows XP Home Edition - sp1 (i386) Windows 2003 Enterprise Edition - sp0 (i386) Windows 2003 Standard Edition - sp0 (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.