Vulnerability Note VU#650769
Microsoft Windows Server service buffer overflow
Microsoft Server Service
MS06-040 includes the following information:
RPC provides a mechanism that allows a program to execute a procedure on a remote system in a way that is transparent to the calling program. MS RPC is the Microsoft implementation of RPC. Windows services that use MS RPC may use SMB named pipes as the transport service for MS RPC calls.
A stack-based buffer overflow exists in the Microsoft Server service. If a remote attacker sends a specially crafted packet to a vulnerable Windows system, that attacker may be able to trigger the buffer overflow.
Note that we have received reports that this vulnerability is actively being exploited.
More information, including a list of affected versions of Windows, is available in Microsoft Security Bulletin MS06-040. We have confirmed that this vulnerability affects Windows NT4. However, according to Microsoft Security Bulletin MS06-040:
A remote, unauthenticated attacker may be able to execute arbitrary code with SYSTEM privileges.
Apply a patch from Microsoft
Microsoft addresses this vulnerability with the updates listed in Microsoft Security Bulletin MS06-040.
Until a patch can be applied, the following actions may reduce the chances of exploitation:
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||03 Aug 2006|
CVSS Metrics (Learn More)
This vulnerability was reported in Microsoft Security Bulletin MS06-040.
This document was written by Jeff Gennari.
- CVE IDs: CVE-2006-3439
- Date Public: 08 Aug 2006
- Date First Published: 08 Aug 2006
- Date Last Updated: 18 Sep 2006
- Severity Metric: 58.28
- Document Revision: 81
If you have feedback, comments, or additional information about this vulnerability, please send us email.