Microsoft Message Queuing (MSMQ) Heap Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1021052
|
|
SecurityTracker URL: http://securitytracker.com/id?1021052
|
|
CVE Reference: CVE-2008-3479
(Links to External Site)
|
Date: Oct 14 2008
|
Impact: Execution of arbitrary code via network, Root access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Microsoft Security Bulletin
|
Version(s): 2000 SP4; and prior service packs
|
Description: A vulnerability was reported in Microsoft Message Queuing (MSMQ). A remote user can execute arbitrary code on the target system.
A remote user can send a specially crafted RPC request to trigger a buffer overflow and execute arbitrary code on the target system.
The code will run with System privileges.
Windows 2000 systems that have Message Queuing Service (MSMQ) enabled are affected.
TippingPoint
reported this vulnerability.
|
Impact: A remote user can execute arbitrary code on the target system with System level privileges.
|
Solution: The vendor has issued the following fix:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=899e2728-2433-4ccb-a195-05b5
d65e5469
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms08-065.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms08-065.mspx (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (2000)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 14 Oct 2008 16:58:58 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms08-065.mspx
|
Microsoft Security Bulletin MS08-065 – Important: Vulnerability in Message Queuing Could Allow Remote
Code Execution (951071)
CVE-2008-3479
|
|
