|
Microsoft Windows WINS Replication Packet Handling Vulnerability
|
|
Secunia Advisory:
|
SA13328
|
|
|
Release Date:
|
2004-11-29
|
|
Last Update:
|
2004-12-14
|
|
Popularity:
|
18,504 views
|
|
|
Critical:
|
 Moderately critical
|
|
Impact:
|
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Server Microsoft Windows NT 4.0 Server Microsoft Windows NT 4.0 Server, Terminal Server Edition Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Web Edition
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| CVE reference: | CVE-2004-1080
|
|
Description: Nicolas Waisman has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error within WINS (Windows Internet Name Service) during the handling of replication packets. This can be exploited to write 16 bytes to an arbitrary memory location by sending a specially crafted WINS replication packet to a vulnerable server.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been reported in Windows 2000 SP2 through SP4. However, other versions are reportedly also believed to be affected.
Solution: Microsoft has issued patches, for further information:
SA13466
Provided and/or discovered by: Nicolas Waisman, Immunity.
Changelog: 2004-11-30: Added link to US-CERT vulnerability note.
2004-12-07: Added CVE reference.
2004-12-14: Updated solution.
Original Advisory: http://www.immunitysec.com/downloads/instantanea.pdf
Other References: "How to help protect against a WINS security issue":
http://support.microsoft.com/kb/890710
US-CERT VU#145134:
http://www.kb.cert.org/vuls/id/145134
SA13466:
http://secunia.com/advisories/13466/
MS04-045 (KB870763):
http://www.microsoft.com/technet/security/bulletin/ms04-045.mspx
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|