Vulnerability Note VU#139150

Microsoft Data Access Components (MDAC) contains buffer overflow

Original Release Date: 19 Jan 2004 | Last Revised: 19 Jan 2004

Overview

Microsoft Data Access Components (MDAC) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code or cause a denial of service.

Description

From Microsoft Security Bulletin MS04-003:

    Microsoft Data Access Components (MDAC) is a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client.

MS04-003 notes that "...MDAC is a ubiquitous technology" that is installed as part of Windows 2000, Windows XP, and other Microsoft programs (e.g., Microsoft Access and Microsoft SQL Server).

An MDAC client sends a network broadcast to port 1434/udp to query for systems running Microsoft SQL Server. A buffer overflow vulnerability exists in an MDAC component that handles responses to such a query. The vulnerability could be triggered by a specially crafted response packet. An MDAC client is only vulnerable for some period of time after it issues a query.

Impact

A remote attacker could execute arbitrary code with the privileges of the process using MDAC. The attacker could also cause a denial of service.

Solution

Apply patch
Apply the appropriate patch referenced in Microsoft Security Bulletin MS04-003.


Block or Restrict Access

Block or restrict inbound access to port 1434/udp. Note that a firewall that performs stateful inspection may allow inbound responses after recording an outbound broadcast.
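
The stateful-inspection caveat above can be modelled over flow records. The following is an added example, not part of the original note or of any vendor's code: it assumes a filter that opens a UDP pinhole on the client's source port after an outbound query to 1434/udp and cannot bind that pinhole to one remote address because the query was a broadcast. The 30-second state lifetime, the addresses, and the allow-list of SQL Server hosts are constructed assumptions.

```python
from dataclasses import dataclass

QUERY_PORT = 1434                    # UDP port named in the note
STATE_TIMEOUT = 30.0                 # assumed firewall UDP state lifetime (seconds)
KNOWN_SQL_SERVERS = {"10.0.0.20"}    # hypothetical allow-list of real SQL Server hosts

@dataclass(frozen=True)
class Packet:
    ts: float
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool

def evaluate(packets, restrict_sources):
    """Return (allowed, dropped) lists of inbound packets.

    An outbound query to 1434/udp opens a pinhole keyed only on the
    client's address and source port; any reply from source port 1434
    that arrives before the state expires matches it. With
    restrict_sources=True the reply must also come from a known server.
    """
    pinholes = {}                    # (client_ip, client_port) -> expiry time
    allowed, dropped = [], []
    for p in sorted(packets, key=lambda p: p.ts):
        if p.outbound:
            if p.dport == QUERY_PORT:
                pinholes[(p.src, p.sport)] = p.ts + STATE_TIMEOUT
            continue
        expiry = pinholes.get((p.dst, p.dport))
        ok = p.sport == QUERY_PORT and expiry is not None and p.ts <= expiry
        if ok and restrict_sources and p.src not in KNOWN_SQL_SERVERS:
            ok = False
        (allowed if ok else dropped).append(p)
    return allowed, dropped

# Constructed sample traffic (not captured data)
SAMPLE = [
    Packet(0.0, "10.0.0.5", 50000, "10.0.0.255", 1434, True),    # client broadcast query
    Packet(0.2, "10.0.0.20", 1434, "10.0.0.5", 50000, False),    # reply from known server
    Packet(0.3, "10.0.0.99", 1434, "10.0.0.5", 50000, False),    # reply from unknown host
    Packet(45.0, "10.0.0.99", 1434, "10.0.0.5", 50000, False),   # arrives after state expired
    Packet(50.0, "10.0.0.99", 1434, "10.0.0.7", 50001, False),   # client never sent a query
]

def sources(pkts):
    return [p.src for p in pkts]
```

Source filtering narrows which hosts can reach the client during the query window, but UDP source addresses can be forged, so it complements the patch rather than replacing it.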

Systems Affected

Vendor                 Status    Date Notified  Date Updated
Microsoft Corporation  Affected  -              19 Jan 2004

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

Information used in this document came from Microsoft Security Bulletin MS04-003.

This document was written by Art Manion.

Other Information

  • CVE IDs: CAN-2003-0903
  • Date Public: 13 Jan 2004
  • Date First Published: 19 Jan 2004
  • Date Last Updated: 19 Jan 2004
  • Severity Metric: 10.60
  • Document Revision: 27
