Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | Microsoft Windows Workstation Service (wkssvc.dll) Buffer Overflow Lets Remote Users Execute Arbitrary Code with System Privileg |
|---|
Categorie: Vulnerability
Posted: 2003-11-12 by ReCall
Views: 430
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: A buffer overflow vulnerability was reported in Microsoft Windows 2000 and Windows XP in the Workstation service. A remote user can execute arbitrary code with System privileges on the target system.
It is reported that a remote user can send a specially crafted message to the Workstation service to cause the service to crash or execute arbitrary code with System level privileges. Other attack vectors can reportedly be used. For example, a remote authenticated user can login and send malformed messages to the service or an application that passes messages to the service can be exploited.
The flaw exists in the Wkssvc.dll file.
The Workstation service is used to route local file system requests and remote file or print network requests and is enabled by default, according to the report.
Microsoft indicates that if you have blocked inbound UDP ports 138, 139, 445 and TCP ports 138, 139, 445 with a firewall, a remote user cannot send messages to the Workstation service.
Microsoft credits eEye Digital Security with reporting this flaw.
Impact: A remote user can execute arbitrary code on the target system with System privileges.
Solution: Microsoft indicates that the Windows XP security updates that were released on October 15, 2003 as part of Security
Bulletin MS03-043 (828035) included an updated file that helps protect from this vulnerability. Users that have applied the Windows XP security updates for MS03-043 (828035) do not have to reapply this update.
A fix is available for Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167-479C-9638-D4D79483F261&displaylang=en
A reboot may be required in some cases. This fix will be included in Windows 2000 SP5.
A fix is available for Microsoft Windows XP, Microsoft Windows XP Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F02DA309-4B0A-4438-A0B9-5B67414C3833&displaylang=en
A fix is available for Microsoft Windows XP 64-Bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2BE95254-4C65-4CA5-80A5-55FDF5AA2296&displaylang=en
See the Microsoft advisory for a list of workarounds and a description of installation options:
http://www.microsoft.com/technet/security/bulletin/MS03-049.asp
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=526
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
