A vulnerability in the way Microsoft Windows handles SNMP may allow a buffer overflow that may allow remote execution of arbitrary code.
Microsoft Windows contains a buffer overflow that may occur when handling malformed SNMP packets. According to Microsoft Security Bulletin ms06-074 the exploit is triggered by sending a specially crafted SNMP packet to a vulnerable system.
Note that the SNMP service is not installed on any version of Microsoft Windows by default.
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
Apply a Workaround
See Microsoft Security Bulletin ms06-074 for more details.
This vulnerability was reported in Microsoft Security Bulletin ms06-074 Microsoft credits Kostya Kortchinsky of Immunity, Inc. and Clement Seguy of the European Aeronautic Defence and Space Company for reporting this issue.
|Date First Published:||2006-12-13|
|Date Last Updated:||2007-01-05 19:46 UTC|