Vulnerability Note VU#778036

Microsoft Workstation Service fails to properly parse malformed network messages

Original Release date: 15 Nov 2006 | Last revised: 21 Nov 2006

Overview

A vulnerability in the way Microsoft Workstation Service parses malformed network messages may lead to execution of arbitrary code.

Description

Microsoft Workstation Service contains a vulnerability that could be exploited when Workstation Service attempts to parse specially crafted network messages. According to Microsoft Security Bulletin MS06-070:

    On Windows 2000 Service Pack 4 any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability. On Windows XP Service Pack 2 the attack could only be successfully performed by a user with Administrator privileges.

Please note that exploit code for this vulnerability is publicly available.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.

Solution

Update
Microsoft has released an update to address this issue. See Microsoft Security Bulletin MS06-070 for more details.

Workarounds


In addition to the patches referred to above, Microsoft Security Bulletin MS06-070 also contains a number of workarounds for this issue. Users, particularly those who are unable to apply the patches are encouraged to implement these workarounds.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-14 Nov 2006
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was reported in Microsoft Security Bulletin MS06-070. Microsoft credits eEye for reporting this issue.

This document was written by Chris Taschner.

Other Information

  • CVE IDs: CVE-2006-4691
  • Date Public: 14 Nov 2006
  • Date First Published: 15 Nov 2006
  • Date Last Updated: 21 Nov 2006
  • Severity Metric: 18.63
  • Document Revision: 18

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.