VID 26067
Severity 30
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (KB824141) for 'Buffer Overflow Vulnerability in the ListBox and in the ComboBox Control' has not been applied.
The ListBox control and the ComboBox control both call a function in User32.dll that contains a buffer overflow vulnerability. The overflow occurs because this function does not correctly validate its parameters. By sending a specially crafted Windows message to any application that implements the ListBox control or the ComboBox control, an attacker who is able to log on to a system interactively can overflow a buffer and execute arbitrary code on the system with elevated privileges. An attacker must have valid logon credentials to exploit the vulnerability. The vulnerability cannot be exploited remotely.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp

* Platforms Affected:
Windows NT Workstation 4.0, Service Pack 6a
Windows NT Server 4.0, Service Pack 6a
Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
Windows 2000, Service Pack 2
Windows 2000 Service Pack 3, Service Pack 4
Windows XP Gold, Service Pack 1
Windows XP 64 bit Edition
Windows XP 64 bit Edition Version 2003
Windows Server 2003
Windows Server 2003 64 bit Edition
Recommendation Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS03-045 at http://www.microsoft.com/technet/security/bulletin/MS03-045.asp

1. Open the download page for your platform:
Windows NT Workstation 4.0, SP 6a:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5EA88ABE-8D53-4E25-959C-E80EB5FD7A91
Windows NT Server 4.0, SP 6a:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F3E87075-AAE5-49F4-9D37-24A116296188
Windows NT Server 4.0, Terminal Server Edition, SP 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=0ADC8D90-2355-49A0-976B-57281B4521C1
Windows 2000, SP 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=01358EAC-F1C5-4CB7-BE3D-64459F4AD3FD
Windows 2000 SP 3, 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=379F234D-CE7E-4897-8D29-0764997F1E42
Windows XP Gold, SP 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=ABC764AC-5B7B-4B99-BF3E-F57352E4C507
Windows XP 64bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=3E7B03BF-2231-4069-B76F-0BD69CF6E1D9
Windows XP 64bit Edition Version 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E4BD7C05-EA0E-49C7-9BDD-ABB496CA87CA
Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=02F97DE4-29DF-4D33-A33B-E7630349E69E
Windows Server 2003 64bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E4BD7C05-EA0E-49C7-9BDD-ABB496CA87CA
2. Select a different language from the drop-down list and click the <Go> button.
3. Click the <Download> button to download the patch file.
4. Run the downloaded file to install the patch.

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2003-0659 (CVE)
Related URL (SecurityFocus)
Related URL 13424 (ISS)