|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA11065] Microsoft Windows RPC/DCOM Multiple Vulnerabilities
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Tue Apr 13 2004 - 15:48:25 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Microsoft Windows RPC/DCOM Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA11065
VERIFY ADVISORY:
http://secunia.com/advisories/11065/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
From local network
OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows NT 4.0 Workstation
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
DESCRIPTION:
Microsoft has issued an advisory regarding multiple vulnerabilities
in RPC/DCOM, where the most serious can potentially lead to a system
compromise.
1) A race condition in the RPC Runtime Library may allow malicious
people to compromise a vulnerable system by sending a specially
crafted message.
This issue was also described in:
SA9978
2) A specially crafted message may cause the RPCSS service to fail
reclaiming discarded memory. Successful exploitation may lead to a
Denial of Service.
3) Attackers may cause a Denial of Service by sending a specially
crafted reply to messages forwarded through CIS or RPC over HTTP
Proxy components.
4) Object identities are created in a way, which allows malicious
people to cause applications to listen on unexpected ports. This
could potentially be exploited to launch other attacks.
SOLUTION:
Apply patches manually or via Windows Update.
Microsoft Windows NT Workstation 4.0 (requires SP6a):
http://www.microsoft.com/downloads/details.aspx?FamilyId=4ACB5BD6-A0BF-40BC-8955-D833923642EF&displaylang=en
Microsoft Windows NT Server 4.0 (requires SP6a):
http://www.microsoft.com/downloads/details.aspx?FamilyId=D4F2AD32-FE74-4DA1-AEAE-80897AC86720&displaylang=en
Microsoft Windows NT Server 4.0 Terminal Server Edition (requires
SP6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=5B29E35D-E5DA-4486-B7EB-D54C7398142C&displaylang=en
Microsoft Windows 2000 (requires SP2, SP3, or SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD38C36-D1D3-47A2-A5D5-6C8F27FDCC40&displaylang=en
Microsoft Windows XP:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D488BBBB-DA77-448D-8FF0-0A649A0D8FC3&displaylang=en
Microsoft Windows XP 64-Bit Edition (requires SP1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=4C3ED21D-FF40-4C9D-99DD-1632E43C1645&displaylang=en
Microsoft Windows XP 64-Bit Edition Version 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en
Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=07317CE9-520D-4574-B575-5FB85DA9A4D7&displaylang=en
Microsoft Windows Server 2003 64-Bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en
PROVIDED AND/OR DISCOVERED BY:
1 and 2) eEye Digital Security
3) Qualys
4) Todd Sabin, BindView.
ORIGINAL ADVISORY:
http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx
OTHER REFERENCES:
SA9978:
http://secunia.com/advisories/9978/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]