[sec-adv] Windows 2003 Server NIC Driver Information Disclosure Vulnerability
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Wed Jun 11 2003 - 06:40:34 CDT
TITLE:
Windows 2003 Server NIC Driver Information Disclosure Vulnerability
READ ONLINE:
http://www.secunia.com/advisories/8987/
CRITICAL:
Less critical
IMPACT:
Exposure of system information, Exposure of sensitive information
WHERE:
From local network
OPERATING SYSTEM:
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
DESCRIPTION:
A vulnerability has been identified in some NIC (Network Interface
Card) device drivers shipped with Microsoft Windows 2003 Server,
which can be exploited by malicious people to disclose potentially
sensitive information.
The problem is that some drivers pad frames with content from
previous packets or kernel memory instead of using NULL-bytes during
a FIN-ACK exchange when closing a TCP connection. This may be
exploited by malicious people to obtain potentially sensitive
information by sending specially crafted packets to a vulnerable
system.
The following drivers (both digitally signed by Microsoft) have been
identified as vulnerable:
VIA Rhine II Compatible network card (integrated into some motherboards)
AMD PCNet family network cards (used by several versions of VMware)
SOLUTION:
Install a network card that doesn't use a vulnerable driver.
CERT has a list of drivers affected by a related vulnerability
available at:
http://www.kb.cert.org/vuls/id/412115
REPORTED BY / CREDITS:
Chris Paget, NGSSoftware.
ORIGINAL ADVISORY:
http://www.nextgenss.com/advisories/etherleak-2003.txt
OTHER REFERENCES:
This vulnerability is related to another issue:
http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------
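Added example, not part of the Secunia advisory or the NGSSoftware report: a defender-side check that flags hosts whose Ethernet frame padding is not NULL-bytes, the behaviour described under DESCRIPTION. It assumes raw Ethernet II frames captured on the receiving side without the FCS; the function names and the sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

ETH_HDR, VLAN_TAG = 14, 4

def frame_padding(frame: bytes):
    """Return the pad bytes that follow the IPv4/ARP payload, or None if not parsed."""
    if len(frame) < ETH_HDR:
        return None
    l2 = ETH_HDR
    (etype,) = struct.unpack_from("!H", frame, 12)
    if etype == 0x8100 and len(frame) >= ETH_HDR + VLAN_TAG:      # 802.1Q tag
        (etype,) = struct.unpack_from("!H", frame, 16)
        l2 += VLAN_TAG
    if etype == 0x0800 and len(frame) >= l2 + 20:                 # IPv4
        (payload_len,) = struct.unpack_from("!H", frame, l2 + 2)  # IP total length
    elif etype == 0x0806:                                         # ARP (Ethernet/IPv4)
        payload_len = 28
    else:
        return None
    end = l2 + payload_len
    return frame[end:] if end <= len(frame) else None  # None: truncated capture

def leaking_sources(frames):
    """Map source MAC -> number of frames whose padding contains non-zero bytes."""
    hits = defaultdict(int)
    for f in frames:
        pad = frame_padding(f)
        if pad and any(pad):
            hits[f[6:12].hex(":")] += 1
    return dict(hits)

def fin_ack(src_mac: bytes, pad: bytes) -> bytes:
    """Constructed 60-byte FIN-ACK frame: 14 (Ethernet) + 40 (IP+TCP) + 6 (pad)."""
    eth = bytes.fromhex("020000000001") + src_mac + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 1025, 80, 1, 1, 0x50, 0x11, 8192, 0, 0)
    return eth + ip + tcp + pad

# Constructed sample: one host pads with zeros, the other with stale data.
SAMPLE = [fin_ack(bytes.fromhex("02000000000a"), b"\x00" * 6),
          fin_ack(bytes.fromhex("02000000000b"), b"passwd")]

if __name__ == "__main__":
    print(leaking_sources(SAMPLE))
```

Run it over frames captured on a machine other than the sender, since a capture taken on the sending host may not include the padding its driver adds.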