Buffer Overrun In Microsoft's SNMP Implementation

Reported February 12, 2002, by Microsoft.

VERSIONS AFFECTED

 

·         Windows XP

·         Windows 2000

·         Windows NT 4.0

·         Windows Me

·         Windows 9x

 

DESCRIPTION
A buffer overrun vulnerability exists in Microsoft's SNMP implementation that can lead to a Denial of Service (DoS) attack or remote compromise of the system running SNMP. By sending a malformed management request to the vulnerable system, an attacker can run code in the LocalSystem security context and gain complete control of the system.

 

VENDOR RESPONSE

The vendor, Microsoft, has released security bulletin MS02-006, which addresses this vulnerability. Microsoft is developing a patch to make available soon at the MS02-006 URL location.

 

CREDIT
Discovered by Microsoft.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish