A buffer overflow in the WINS service may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
The Microsoft WINS service maps IP addresses to NETBIOS computer names. The WINS protocol contains a vulnerability that may allow a remote attacker to compromise a WINS server. Insufficient validation of the name parameter within incoming WINS packets allows a buffer overflow to occur. If a remote attacker supplies a specially crafted packet to a vulnerable WINS server, that attacker may be able to exploit the buffer overflow to execute arbitrary code.
According to Microsoft Security Bulletin MS04-045 the following Microsoft products are vulnerable:
A remote attacker may be able to execute arbitrary code with SYSTEM privileges or cause a denial-of-service condition.
Consider Workarounds in MS04-045
For more detailed information please see Microsoft Knowledge Base Article 890710 and Microsoft Security Bulletin MS04-045.
Thanks to Microsoft Security for reporting this vulnerability. Microsoft credits Kostya Kortchinsky of CERT RENATER with reporting this vulnerability.
This document was written by Jeff Gennari.
Date First Published: 2004-12-16
Date Last Updated: 2004-12-16 21:34 UTC