Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:EEA347BBC6E6F612F035B23A7C57D201
HistoryDec 12, 2007 - 12:00 a.m.

Microsoft Message Queuing queue name buffer overflow

2007-12-1200:00:00
SAINT Corporation
my.saintcorporation.com
45

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Added: 12/12/2007
CVE: CVE-2007-3039
BID: 26797
OSVDB: 39123

Background

Microsoft Message Queuing allows applications which may be running at different times to communicate across a network.

Problem

A buffer overflow vulnerability in the Microsoft Message Queuing service allows remote attackers to execute arbitrary commands by specifying a long, specially crafted queue name with a fully-qualified NetBIOS domain name.

Resolution

Install the update referenced in Microsoft Security Bulletin 07-065.

References

<http://www.microsoft.com/technet/security/bulletin/ms07-065.mspx&gt;

Limitations

Exploit works on Windows 2000 and requires the target’s NetBIOS name to be set up with a primary DNS suffix.

Platforms

Windows 2000

Related

checkpoint_advisories 2
nessus 2
packetstorm 1
cve 1
seebug 2
zdi 1
prion 1
exploitpack 1
securityvulns 4
saint 3
canvas 1
cvelist 1
exploitdb 1
checkpoint_advisories
checkpoint_advisories
Update Protection against Microsoft Windows Message Queuing Remote Code Execution Vulnerability (MS07-065)
2007-12-18 00:00:00
Microsoft Windows Message Queuing Service String Buffer Overflow (MS05-017; CVE-2005-0059; CVE-2007-3039)
2007-03-30 00:00:00
nessus
nessus
MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)
2007-12-11 00:00:00
MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) (uncredentialed check)
2007-12-12 00:00:00
packetstorm
packetstorm
Microsoft Message Queueing Service DNS Name Path Overflow
2009-11-26 00:00:00
cve
cve
CVE-2007-3039
2007-12-12 00:46:00
seebug
seebug
Microsoft消息队列服务栈溢出漏洞(MS07-065)
2007-12-13 00:00:00
MS Windows 2000 AS SP4 Message Queue Exploit (MS07-065)
2007-12-23 00:00:00
zdi
zdi
Microsoft Windows Message Queuing Service Stack Overflow Vulnerability
2007-12-11 00:00:00
prion
prion
Stack overflow
2007-12-12 00:46:00
exploitpack
exploitpack
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)
2007-12-21 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS07-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution &#40;937894&#41;
2007-12-12 00:00:00
ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability
2007-12-12 00:00:00
Microsoft Windows Message Queuing buffer overflow
2007-12-24 00:00:00
saint
saint
Microsoft Message Queuing queue name buffer overflow
2007-12-12 00:00:00
Microsoft Message Queuing queue name buffer overflow
2007-12-12 00:00:00
Microsoft Message Queuing queue name buffer overflow
2007-12-12 00:00:00
canvas
canvas
Immunity Canvas: MS07_065
2007-12-12 00:46:00
cvelist
cvelist
CVE-2007-3039
2007-12-12 00:00:00
exploitdb
exploitdb
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)
2007-12-21 00:00:00

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SAINT:EEA347BBC6E6F612F035B23A7C57D201
checkpoint_advisories2nessus2packetstorm1cve1seebug2zdi1prion1exploitpack1securityvulns4saint3canvas1cvelist1exploitdb1