   VULNERABILITY NOTES

CERT-In Vulnerability Note CIVN-2006-117
Microsoft Windows Workstation Service Memory Corruption Vulnerability

Original Issue Date: November 15, 2006

Severity Rating: High

Systems Affected

  • Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows XP Service Pack 2

Overview

A vulnerability has been reported in the Microsoft Windows Workstation service which could be exploited by remote attackers to take complete control of an affected system.

Description

The vulnerability is caused by a buffer overflow error in the Workstation service when it processes a malformed "Hostname" argument via the "NetpManageIPCConnect()" function. Attackers could exploit it to cause a denial of service or execute arbitrary commands by sending a specially crafted message to a vulnerable system.

Microsoft Windows 2000 systems are primarily at risk. On Windows XP Service Pack 2 the vulnerability could only be exploited by local attackers.

It has been observed that exploit code for the vulnerability is publicly available.

Workaround

Use personal firewall best practices.

Solution

Apply the appropriate patches as mentioned in Microsoft Security Bulletin MS06-070.

Vendor information

Microsoft
http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx

References

Microsoft
http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx

FrSIRT
http://www.frsirt.com/english/advisories/2006/4508

Secunia
http://secunia.com/advisories/22883

eEye Digital Security
http://research.eeye.com/html/advisories/published/AD20061114.html

Security Focus
http://www.securityfocus.com/bid/20985/info

ISS X-Force
http://xforce.iss.net/xforce/xfdb/29948

CVE-Name
CVE-2006-4691

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003