Microsoft Data Access Components (MDAC) contains buffer overflow

Overview

Microsoft Data Access Components (MDAC) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code or cause a denial of service.

Description

From Microsoft Security Bulletin MS04-003:

Microsoft Data Access Components (MDAC) is a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client.
MS04-003 notes that “…MDAC is a ubiquitous technology” that is installed as part of Windows 2000, Windows XP, and other Microsoft programs (e.g., Microsoft Access and Microsoft SQL Server).

An MDAC client sends a network broadcast to port 1434/udp to query for systems running Microsoft SQL Server. A buffer overflow vulnerability exists in an MDAC component that handles responses to such a query. The vulnerability could be triggered by a specially crafted response packet. An MDAC client is only vulnerable for some period of time after it issues a query.

---

Impact

A remote attacker could execute arbitrary code with the privileges of the process using MDAC. The attacker could also cause a denial of service.

---

Solution

Apply patch
Apply the appropriate patch referenced in Microsoft Security Bulletin MS04-003.

---

Block or Restrict Access

Block or restrict inbound access to port 1434/udp. Note that a firewall that performs stateful inspection may allow inbound responses after recording an outbound broadcast.

---

Vendor Information

139150

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Microsoft Corporation __ Affected

Updated: January 19, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Microsoft Security Bulletin MS04-003.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23139150 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <http://www.microsoft.com/technet/security/bulletin/ms04-003.asp&gt;
• <http://support.microsoft.com/default.aspx?kbid=301202&gt;
• <http://support.microsoft.com/default.aspx?kbid=231943&gt;
• <http://support.microsoft.com/default.aspx?kbid=813878&gt;
• <http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmdac/html/technologyfeatures.asp&gt;
• <http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmdac/html/datechartoverview.asp&gt;
• <http://www.secunia.com/advisories/10616/&gt;
• <http://www.securityfocus.com/bid/9407&gt;

Acknowledgements

Information used in this document came from Microsoft Security Bulletin MS04-003.

This document was written by Art Manion.

Other Information

CVE IDs:	CVE-2003-0903
Severity Metric:	10.60 Date Public: