Lucene search

K
saintSAINT CorporationSAINT:96A014FFC582689EF4D17FA237E2BB21
HistoryOct 06, 2006 - 12:00 a.m.

Microsoft Message Queuing buffer overflow

2006-10-0600:00:00
SAINT Corporation
my.saintcorporation.com
19

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%

Added: 10/06/2006
CVE: CVE-2005-0059
BID: 13112
OSVDB: 15458

Background

Microsoft Message Queuing allows applications which may be running at different times to communicate across a network.

Problem

A buffer overflow in Microsoft Message Queuing allows remote attackers to execute arbitrary commands.

Resolution

Apply the update referenced in Microsoft Security Bulletin 05-017.

References

http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx

Limitations

Exploit works on Windows 2000 and Windows XP SP0 and SP1.

Platforms

Windows 2000
Windows XP

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%