Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Coul

from [Russ Cooper] Network Security [Permanent Link]
Subject: Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Could Allow Remote Code Execution (870763)
Date: Tue, 14 Dec 2004 13:26:52 -0500 
Microsoft Security Bulletin MS04-045:
Vulnerability in WINS Could Allow Remote Code Execution (870763)

Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx>

Version Number: 1.0
Issued Date: Tuesday, December 14, 2004
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Important
Patch(es) Replaced: This bulletin replaces a prior security update. See the 
frequently asked questions (FAQ) section of this bulletin for the complete list.
Caveats: None

Tested Software:
Affected Software:
------------------
* Microsoft Windows NT Server 4.0 Service Pack 6a
<http://tinyurl.com/653d3>
* Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
<http://tinyurl.com/58uh2>
* Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 
Server Service Pack 4
<http://tinyurl.com/7y994>
* Microsoft Windows Server 2003
<http://tinyurl.com/3jaxu>
* Microsoft Windows Server 2003 64-Bit Edition
<http://tinyurl.com/5blpw>

Technical Description:
----------------------
* Name Validation Vulnerability - CAN-2004-0567: A remote code execution 
vulnerability exists in WINS because of the way that it handles computer name 
validation. An attacker could exploit the vulnerability by constructing a 
malicious network packet that could potentially allow remote code execution on 
an affected system. An attacker who successfully exploited this vulnerability 
could take complete control of an affected system.

* Association Context Vulnerability - CAN-2004-1080: A remote code execution 
vulnerability exists in WINS because of the way that it handles association 
context validation. An attacker could exploit the vulnerability by constructing 
a malicious network packet that could potentially allow remote code execution 
on an affected system. An attacker who successfully exploited this 
vulnerability could take complete control of an affected system. However, 
attempts to exploit this vulnerability would most likely result in a denial of 
service on Windows Server 2003. The service would have to be restarted to 
restore functionality.

This email is sent to NTBugtraq automagically as a service to my subscribers. 
(v4.01.1796.25439)

Cheers,
Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

--
Editor's Note: The 43rd Most Powerful Person in Networking says...

Register today to take the TruSecure ICSA exam by 12/31/04  at
<http://www.2test.com> ,  use promo code "CT1204" and you will pay just
$221.25 US Dollars for domestic exam delivery and  $296.25 US Dollars
for international delivery.

Visit <https://ticsa.trusecure.com>  for complete details regarding the
TICSA credential and to take the free sample exam.

--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Could Allow Remote Code Execution (870763), Russ Cooper <=
Previous by Date:  Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835), Russ Cooper
Next by Date:  Windows Firewall update available, Marc Bejarano
Previous by Thread:  Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835), Russ Cooper
Next by Thread:  Windows Firewall update available, Marc Bejarano
Indexes:  [Date] [Thread] [Top] [All Lists]