Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

MinorRev: Microsoft Security Bulletin MS04-037 - Vulnerability in Window

from [Russ Cooper] Network Security [Permanent Link]
Subject: MinorRev: Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
Date: Mon, 25 Oct 2004 19:58:33 -0400 
Microsoft Security Bulletin MS04-037:
Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-037.mspx>

Reason for Revision: Bulletin updated to reduce the scope of a documented 
workaround to only support Windows XP, Windows XP Service Pack 1, and Windows 
Server 2003.
Version Number: 1.1
Issued Date: Tuesday, October 12, 2004
Revision Date: Monday, October 25, 2004
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: This bulletin replaces several prior security updates. See 
the frequently asked questions (FAQ) section of this bulletin for the complete 
list.
Caveats: None

Tested Software:
Affected Software:
------------------
* Microsoft Windows NT Server 4.0 Service Pack 6a
<http://tinyurl.com/66cax>
* Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
<http://tinyurl.com/3we3e>
* Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 
4
<http://tinyurl.com/4sjwf>
* Microsoft Windows XP and Microsoft Windows XP Service Pack 1
<http://tinyurl.com/6kvoh>
* Microsoft Windows XP 64-Bit Edition Service Pack 1
<http://tinyurl.com/5hg4o>
* Microsoft Windows XP 64-Bit Edition Version 2003
<http://tinyurl.com/4la8n>
* Microsoft Windows Server 2003
<http://tinyurl.com/6dmxp>
* Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98, Microsoft 
Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) - 
Review the FAQ section of this bulletin for details about these operating 
systems.
<http://tinyurl.com/4la8n>

Technical Description:
----------------------
* Shell Vulnerability - CAN-2004-0214: A remote code execution vulnerability 
exists in the way that the Windows Shell starts applications. An attacker could 
exploit the vulnerability if a user visited a malicious Web site. If a user is 
logged on with administrative privileges, an attacker who successfully 
exploited this vulnerability could take complete control of an affected system. 
However, user interaction is required to exploit this vulnerability.

* Program Group Converter Vulnerability- CAN-2004-0572: A remote code execution 
vulnerability exists in Program Group Converter because of the way that it 
handles specially crafted requests. An attacker could exploit the vulnerability 
by constructing a malicious request that could potentially allow remote code 
execution if a user performed an action such as opening a file attachment or 
clicking a HTML link. If a user is logged on with administrative privileges, an 
attacker who successfully exploited this vulnerability could take complete 
control of an affected system. However, user interaction is required to exploit 
this vulnerability.

Revision History:
-----------------
* v1.0 - 10/12/2004: Bulletin published
* v1.1 - 10/25/2004: Bulletin updated to reduce the scope of a documented 
workaround to only support Windows XP, Windows XP Service Pack 1, and Windows 
Server 2003.

This email is sent to NTBugtraq automagically as a service to my subscribers. 
(v4.01.1664.40858)

Cheers,
Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

--
NTBugtraq Editor's Note:

Want to reply to the person who sent this message? This list is configured such 
that just hitting reply is going to result in the message coming to the list, 
not to the individual who sent the message. This was done to help reduce the 
number of Out of Office messages posters received. So if you want to send a 
reply just to the poster, you'll have to copy their email address out of the 
message and place it in your TO: field.
--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • MinorRev: Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356), Russ Cooper <=
Previous by Date:  BHO KB Link - How to Disable Third-Party Tool Bands and Browser Helper Objects, Duane Maurer II
Next by Date:  Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash, Peter Kruse
Previous by Thread:  BHO KB Link - How to Disable Third-Party Tool Bands and Browser Helper Objects, Duane Maurer II
Next by Thread:  Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash, Peter Kruse
Indexes:  [Date] [Thread] [Top] [All Lists]