Microsoft Windows Internet Name Service (WINS) Input Validation Flaw in ECommEndDlg() Lets Local Users Gain Elevated Privileges - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (Microsoft) > WINS (Windows Internet Name Service)

Vendors: Microsoft

Microsoft Windows Internet Name Service (WINS) Input Validation Flaw in ECommEndDlg() Lets Local Users Gain Elevated Privileges

SecurityTracker Alert ID: 1026037

SecurityTracker URL: http://securitytracker.com/id/1026037

CVE Reference: CVE-2011-1984 (Links to External Site)

Updated: Sep 13 2011

Original Entry Date: Sep 13 2011

Impact: Execution of arbitrary code via local system, Root access via local system

Fix Available: Yes Vendor Confirmed: Yes

Description: A vulnerability was reported in Microsoft Windows Internet Name Service (WINS). A local user can obtain elevated privileges on the target system.

A local user can send a sequence of specially crafted packets to the WINS server via the loopback interface to execute arbitrary code on the target system with Local System privileges.

The vulnerability resides in the ECommEndDlg() function.

The vendor was notified on June 7, 2011.

The original advisory is available at:

http://www.coresecurity.com/content/ms-wins-ecommenddlg-input-validation

Nicolas Economou of Core Security Technologies reported this vulnerability.

Impact: A local user can obtain Local System privileges on the target system.

Solution: The vendor has issued the following fixes:

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=1e6ac3b2-752e-49a0-84e5-5a8dfe955299

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=f9378339-c58e-4e84-9427-85aeb35b0d99

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=c35c71a8-13b4-47a6-9763-06f6f65327b1

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=a9039660-3cc2-470d-a0a5-a70f78074495

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=5ea78a9b-b1f7-4e94-b69e-c984e1622ae9

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=f58cf343-946c-4e74-bd9c-40ac934a4986

A restart is required.

The Microsoft advisory is available at:

http://technet.microsoft.com/en-us/security/bulletin/ms11-070

Vendor URL: technet.microsoft.com/en-us/security/bulletin/ms11-070 (Links to External Site)

Cause: Input validation error

Underlying OS: Windows (2003), Windows (2008)

Message History: None.

Source Message Contents


[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC