| VID |
26136 |
| Severity |
40 |
| Port |
2103 |
| Protocol |
TCP |
| Class |
DCERPC |
| Detailed Description |
The hotfix (KB892944) for 'Code Execution Vulnerability in MSMQ' seems not to have been installed. Microsoft Windows 2000, XP are vulnerable to a buffer overflow vulnerability, caused by improper bounds checking of user-supplied strings passed to the Microsoft Message Queuing Service (MSMQ). This vulnerability may be exploited over RPC. An attacker may exploit this vulnerability to execute arbitrary code with SYSTEM privileges, facilitating unauthorized access or privilege escalation.
By default, the Message Queuing component is not installed on any affected operating system version. Only customers who manually installed the Message Queuing component could be vulnerable to this issue. The vulnerability is reportedly not present on computers that only enable MSMQ HTTP Message Delivery.
* References:
http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx
* Platforms Affected:
Microsoft Windows 98
Microsoft Windows 2000 Any version SP 4
Microsoft Windows XP Any version SP 1
Microsoft Windows XP 64-Bit Edition Service Pack 1 |
| Recommendation |
Apply the appropriate patch (KB892944) for your system, as listed in Microsoft Security Bulletin MS05-017 at http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2005-0059 (CVE) |
| Related URL |
13112 (SecurityFocus) |
| Related URL |
19829,20000 (ISS) |
|
