Windows Server Service buffer overflow

2006-08-11T00:00:00
ID SAINT:CF84C615CA476A001FFE4FD66C27D477
Type saint
Reporter SAINT Corporation
Modified 2006-08-11T00:00:00

Description

Added: 08/11/2006
CVE: CVE-2006-3439
BID: 19409
OSVDB: 27845

Background

The Windows Server Service supports file, print, and named-pipe sharing over the network.

Problem

A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 06-040.

References

<http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx>

Limitations

Exploit works on Windows 2000 and Windows XP SP1. Target computer may reboot after connection is closed.

Platforms

Windows 2000
Windows XP