Shouldnt this be considered low risk and not medium? On Wed, 10 May 2006 17:01:09 -0700 Avert <[EMAIL PROTECTED]> wrote: >McAfee, Inc. >McAfee Avert(tm) Labs Security Advisory >Public Release Date: 2006-05-09 > >Microsoft MSDTC NdrAllocate Validation Vulnerability > >CVE-2006-0034 >___________________________________________________________________
>___ > >* Synopsis > >There is an RPC procedure within the MSDTC interface in >msdtcprx.dll >that may be called remotely without user credentials in such a way >that >triggers a denial-of-service in the Distributed Transaction >Coordinator >(MSDTC) service. > >Exploitation can at most lead to a denial of service and therefore >the >risk factor is at medium. >___________________________________________________________________ >___ > >* Vulnerable Systems > >Microsoft Windows 2000 >Microsoft Windows XP >Microsoft Windows Server 2003 > >___________________________________________________________________ >___ > >* Vulnerability Information > >The msdtcprx.dll shared library contains RPC procedures for use >with >the Distributed Transaction Coordinator (MSDTC) service utilized >in >Microsoft Windows. > >By sending a large (greater than 4k) request to BuildContextW(), a >size check can be bypassed and a bug in NdrAllocate() may be >reached. > >This vulnerability was reported to Microsoft on October 12, 2005 > >___________________________________________________________________ >___ > >* Resolution > >Microsoft has provided a patch for this issue. Please see their >bulletin, KB913580, for more information on obtaining and >installing >the patch. > > >___________________________________________________________________ >___ > >* Credits > >This vulnerability was discovered by Chen Xiaobo of McAfee Avert >Labs. > >___________________________________________________________________ >___ > >___________________________________________________________________ >___ > >* Legal Notice > >Copyright (C) 2006 McAfee, Inc. >The information contained within this advisory is provided for the >convenience of McAfee's customers, and may be redistributed >provided >that no fee is charged for distribution and that the advisory is >not >modified in any way. McAfee makes no representations or >warranties >regarding the accuracy of the information referenced in this >document, >or the suitability of that information for your purposes. > >McAfee, Inc. and McAfee Avert Labs are registered Trademarks of >McAfee, >Inc. and/or its affiliated companies in the United States and/or >other >Countries. All other registered and unregistered trademarks in >this >document are the sole property of their respective owners. > >___________________________________________________________________ >___ > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
