List: nfr-users
Subject: [nfr-users] RAPID RESPONSE - MSRPC version 24 - SrvSvc overflow
From: Matt LeGrow <mlegrow () nfr ! com>
Date: 2006-08-11 18:30:23
Message-ID: 44DCCCBF.2090208 () nfr ! com
The NFR RRT has released an update of the MSRPC package to detect the
SRVSVC overflow (MS06-040).
WHY THIS IS IMPORTANT
Successful exploitation of this vulnerability will result in arbitrary
code execution in the context of the SYSTEM user under Windows.
TECHNICAL INFORMATION
The Server Service provides RPC, printing and share management services on a
Windows system. It allows sharing of local resources such as file systems and
printers, as well as handling named pipe communications over the network for
MSRPC applications.
The function NetrpPathCanonicalize() contains an unchecked buffer in one of
its path arguments that can be exploited to run arbitrary user code.
RESOURCES
CVE-2006-3439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3439
Vulnerability in Server Service Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx
_______________________________________________
nfr-users mailing list
nfr-users@nfr.com
http://list.nfr.com/mailman/listinfo/nfr-users