Microsoft has released a security bulletin and patch to address a security vulnerability that could allow a malicious user to gain control of an affected server.
Network Monitor, shipped with SMS Server 1.2 and 2.0 and with Windows 2000 Server versions, contains a protocol parser that aids in interpreting and analyzing previously captured network data. If a malicious user were to send a specially crafted frame to a server that was monitoring network traffic, it would cause an overflow that would crash Network Monitor and allow the malicious user to launch arbitrary commands.
Microsoft has released a security bulletin, MS00-0083. Multiple patches are also available:
- Microsoft Windows NT 4.0 Server and Windows NT 4.0 Server, Enterprise Edition:
- Microsoft Windows NT 4.0 Server, Terminal Server Edition: To be released shortly.
- Microsoft Windows 2000 Server, Advanced Server and Datacenter Server:
- Microsoft Systems Management Server 1.2:
- Microsoft Systems Management Server 2.0:
Microsoft Network Monitor Software Vulnerable to Multiple Overflows