| VID |
26053 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (KB821557) for the 'System Compromise Vulnerability due to unchecked buffer in windows shell' has not been applied.
The Windows shell(Explorer.exe) provides the basic framework for the Windows user interface and is most commonly experienced as the Windows desktop. However, the Windows XP SP1 system contains a buffer overflow vulnerability due to an unchecked buffer in the Windows Shell's component that reads and applies folder attributes from the Desktop.ini file for a particular folder. For exploiting this vulnerability, a remote attacker will create a desktop.ini file with an overly long .ShellClassInfo parameter, and then host it on a network share. If a user were to browse the shared folder where the file was stored, a remote attacker can overflow a buffer and execute attacker's code on the system with privileges of the Windows XP user or cause the Windows shell to crash. A remote attacker can only seek to exploit this vulnerability by hosting a malicious file on a share.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms03-027.asp
* Platforms Affected:
Microsoft Windows XP SP1 |
| Recommendation |
Apply the patch for this vulnerability, as listed in Microsoft's security bulletin MS03-027 at http://www.microsoft.com/technet/security/bulletin/ms03-027.asp
1. Open the following page :
for Microsoft Windows XP 32 bit Edition, http://microsoft.com/downloads/details.aspx?FamilyId=27D02AF5-A2E1-4E25-9D16-502886161A35&displaylang=en
for Microsoft Windows XP 64 bit Edition, http://microsoft.com/downloads/details.aspx?FamilyId=4BA84E2B-49F9-4416-8745-51F03503AB7D&displaylang=en
2. Select a different language from the drop-down list and click <Go> button.
3. Click <Download> button to download this patch file.
4. Run this file to install the patch.
5. Restart your system to complete the installation.
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0306 (CVE) |
| Related URL |
8208 (SecurityFocus) |
| Related URL |
12442 (ISS) |
|
