search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Microsoft Data Access Components (MDAC) contains buffer overflow

Vulnerability Note VU#139150

Original Release Date: 2004-01-19 | Last Revised: 2004-01-19

Overview

Microsoft Data Access Components (MDAC) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code or cause a denial of service.

Description

From Microsoft Security Bulletin MS04-003:

Microsoft Data Access Components (MDAC) is a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client.
MS04-003 notes that "...MDAC is a ubiquitous technology" that is installed as part of Windows 2000, Windows XP, and other Microsoft programs (e.g., Microsoft Access and Microsoft SQL Server).

An MDAC client sends a network broadcast to port 1434/udp to query for systems running Microsoft SQL Server. A buffer overflow vulnerability exists in an MDAC component that handles responses to such a query. The vulnerability could be triggered by a specially crafted response packet. An MDAC client is only vulnerable for some period of time after it issues a query.

Impact

A remote attacker could execute arbitrary code with the privileges of the process using MDAC. The attacker could also cause a denial of service.

Solution

Apply patch
Apply the appropriate patch referenced in Microsoft Security Bulletin MS04-003.


Block or Restrict Access

Block or restrict inbound access to port 1434/udp. Note that a firewall that performs stateful inspection may allow inbound responses after recording an outbound broadcast.

Vendor Information

139150
 
Affected   Unknown   Unaffected

Microsoft Corporation

Updated:  January 19, 2004

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Microsoft Security Bulletin MS04-003.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

Information used in this document came from Microsoft Security Bulletin MS04-003

This document was written by Art Manion.

Other Information

CVE IDs: CVE-2003-0903
Severity Metric: 10.60
Date Public: 2004-01-13
Date First Published: 2004-01-19
Date Last Updated: 2004-01-19 14:58 UTC
Document Revision: 27

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.