PCWorks: Microsoft Windows Message Queuing Buffer Overflow Vulnerability

Tue, 12 Apr 2005 23:41:29 -0700 

TITLE:
Microsoft Windows Message Queuing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA14921

VERIFY ADVISORY:
http://secunia.com/advisories/14921/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
>From local network

OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows XP Professional
http://secunia.com/product/22/

DESCRIPTION:
Kostya Kortchinsky has reported a vulnerability in Microsoft 
Windows,
which can be exploited by malicious people to compromise a 
vulnerable
system.

The vulnerability is caused due to a boundary error in the 
Message
Queuing component. This can e.g. be exploited by sending a 
specially
crafted message via RPC.

NOTE: The Message Queuing is not activated by default.

SOLUTION:
Apply patches.

Microsoft Windows 2000 (requires Service Pack 3 or Service Pack 
4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=99A8EE12-4BD6-43F5-A43F-124E0E2C2283

Microsoft Windows XP (requires Service Pack 1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=D72B7198-93A8-4652-B505-8E51FC5EEAC3

Microsoft Windows XP 64-Bit Edition (requires Service Pack 1)
(Itanium):
http://www.microsoft.com/downloads/details.aspx?FamilyId=9124BA48-73A8-4C94-AA46-CE9A9D1E1198

The following versions of Microsoft Windows are not affected:
* Microsoft Windows XP Service Pack 2
* Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)

ORIGINAL ADVISORY:
MS05-017 (KB892944):
http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================

Reply via email to