Microsoft Windows Client Service for NetWare (CSNW) Remote Overflow

2005-10-11T02:48:45
ID OSVDB:19922
Type osvdb
Reporter OSVDB
Modified 2005-10-11T02:48:45

Description

Vulnerability Description

A remote overflow exists in Microsoft Windows. The 'Client Service for NetWare (CSNW)' fails to perform proper bounds checking resulting in a buffer overflow. With specially crafted network messages, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Microsoft Windows. The 'Client Service for NetWare (CSNW)' fails to perform proper bounds checking resulting in a buffer overflow. With specially crafted network messages, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.microsoft.com/ Vendor Specific Advisory URL Security Tracker: 1015041 Secunia Advisory ID:17165 Secunia Advisory ID:17223 Microsoft Security Bulletin: MS05-046 Microsoft Knowledge Base Article: 899589 Keyword: 2005006318 ISS X-Force ID: 21700 CVE-2005-1985 Bugtraq ID: 15066