Microsoft Windows/Exchange NNTP Component Remote Overflow

2004-10-12T15:02:10
ID OSVDB:10697
Type osvdb
Reporter Juliano Rizzo(), Lucas Lavarello()
Modified 2004-10-12T15:02:10

Description

Vulnerability Description

A remote overflow exists in Windows and Exchange. The NNTP server fails to validate user-supplied data passed as a parameter to the XPAT command resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Windows and Exchange. The NNTP server fails to validate user-supplied data passed as a parameter to the XPAT command resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Security Tracker: 1011631 Secunia Advisory ID:12802 Other Advisory URL: http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10 Microsoft Security Bulletin: MS04-036 Microsoft Knowledge Base Article: 883935 ISS X-Force ID: 17641 Generic Exploit URL: http://www.securiteam.com/windowsntfocus/6Y00H0UBGQ.html CVE-2004-0574