Microsoft Network Monitor Software Vulnerable to Multiple Overflows

Microsoft has released a security bulletin and patches to address a vulnerability in the "protocol parser" feature of Network Monitor

Steve Manzuik

October 31, 2000

1 Min Read
ITPro Today logo

Reported November 1, 2000 by Microsoft


DESCRIPTIONMicrosoft has released a security bulletin and patch to address a security vulnerability that could allow a malicious user to gain control of an affected server.

Network Monitor, shipped with SMS Server 1.2, 2.0 and Windows 2000 Server versions, contains a protocol parser that aids in interpreting and analyzing previously captured network data.  If a malicious user was to send a specially crafted frame to a server that was monitoring network traffic it would cause an overflow that would cause Network Monitor to crash and allow the malicious user to launch arbitrary commands. 


Microsoft has released a security bulletin, MS00-0083.  Multiple patches are also available; 

Microsoft Windows NT 4.0 Server and Windows NT 4.0 Server,

Enterprise Edition:

Microsoft Windows NT 4.0 Server, Terminal Server Edition:

To be released shortly.

- Microsoft Windows 2000 Server, Advanced Server and

Datacenter Server:

Microsoft Systems Management Server 1.2:

Microsoft Systems Management Server 2.0:

CREDITDiscovered by NAI Labs, and ISS X-Force

Read more about:

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like