ntdll.dll overview

The file ntdll.dll is contained in the following software

Windows XP Home Edition, Deutsch More information
Version: 5.1.2600.1217
Filedate: 2003-05-02 01:56:34
Filesize: 679.936 bytes
Filepath: C:\WINDOWS\system32\ntdll.dll
Show ntdll.dll details
Windows XP Home Edition, Deutsch More information
Version: 5.1.2600.1106
Filedate: 2002-08-29 14:00:00
Filesize: 694.272 bytes
Filepath: C:\WINDOWS\I386\SYSTEM32\ntdll.dll
Show ntdll.dll details

ntdll.dll was found in the following malware reports:


Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability
Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability... ...data is supplied to the WebDAV component, it is, in turn, passed to the vulnerable ntdll.dll system component. The ntdll.dll fails to perform... ...Symantec Intruder Alert policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV.... Source: http://securityresponse.symantec.com/avcenter/security/Content/3.17.2003.html
Symantec NetRecon 3.6 Security Update 2
Symantec NetRecon checks for the Windows 2000 ntdll.dll buffer overflow vulnerability, four additional Microsoft SQL Server vulnerabilities,... ...New Vulnerability Checks Microsoft Windows 2000 ntdll.dll Buffer Overflow Vulnerability... ...code execution is possible. The Windows 2000 library ntdll.dll includes a function that does not perform sufficient bounds checking.... ...The vector allows for the vulnerability in ntdll.dll to be exploited by a remote attacker.... Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.26.html
W64.Shruggle.1318
Removal instructions ...following three libraries: Ntdll.dll Sfc_os.dll... ...Kernel32.dll From Ntdll.dll, the virus uses the following functions:... Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html
W64.Rugrat.3344
Technical details ...three different libraries: NTDLL.DLL SFC_OS.DLL... ...KERNEL32 From NTDLL.DLL, the virus uses these functions:... Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.rugrat.3344.html
Trojan.Kaht
About Trojan.Kaht ...Many applications use the vulnerable Win32 API component, ntdll.dll, so other attack vectors may exist.... Technical details ...The IIS WebDAV uses a core Windows system component, ntdll.dll, containing an unchecked buffer when processing the incoming WebDAV requests.... Source: http://securityresponse.symantec.com/avcenter/venc/data/trojan.kaht.html
Intruder Alert 3.6 W2K_MS_IIS_WebDAV Policy
This policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV (Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability.... Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.18a.html
W32.Gaobot.gen!poly
Technical details ...The worm may hook the NTQuerySystemInformation API on NTDLL.DLL in an attempt to hide itself.... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.polybot.html
Backdoor.HackDefender
Technical details ...closesocket ntdll.dll NtQuerySystemInformation... Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.hackdefender.html
W32.HLLW.Gaobot.JB
Removal instructions ...The PSAPI.DLL file is linked to missing export NTDLL.DLL:NtCreateProfile Revision History:... ...... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.jb.html

Navigation

Browse files