|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Alert: Microsoft Security Bulletin MS03-043 - Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
From: Russ (Russ.Cooper
RC.ON.CA)
Date: Wed Oct 15 2003 - 18:37:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Bulletin URL:
http://www.microsoft.com/technet/security/bulletin/MS03-043.asp
Summary:
Version Number: V1.0
Revision Date: 10-15-2003
Patch(es) Replaced: None
Caveats: None
CVE Number(s): CAN-2003-0717
Tested Software:
Affected Software:
* Microsoft Windows NT Workstation 4.0, Service Pack 6a
* Microsoft Windows NT Server 4.0, Service Pack 6a
* Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
Pack 6
* Microsoft Windows 2000, Service Pack 2
* Microsoft Windows 2000, Service Pack 3, Service Pack 4
* Microsoft Windows XP Gold, Service Pack 1
* Microsoft Windows XP 64-bit Edition
* Microsoft Windows XP 64-bit Edition Version 2003
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 64-bit Edition
Software Not Affected:
* Microsoft Windows Millennium Edition
Technical Description:
A security vulnerability exists in the Messenger Service that could
allow arbitrary code execution on an affected system. The vulnerability
results because the Messenger Service does not properly validate the
length of a message before passing it to the allocated buffer. An
attacker who successfully exploited this vulnerability could be able to
run code with Local System privileges on an affected system, or could
cause the Messenger Service to fail. The attacker could then take any
action on the system, including installing programs, viewing, changing
or deleting data, or creating new accounts with full privileges.
This email is sent to NTBugtraq automatically as a service to my
subscribers. (v2.0)
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
----
NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
code "NT1003" when registering to take the TICSA exam at www.2test.com.
Prove to your employer and peers that you have the knowledge and
abilities to be an active stakeholder in today's enterprise security.
Become TICSA certified www.trusecure.com/ticsa. Promotion expires
12/31/03 and cannot be used in combination with other offers.
----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]