Microsoft Windows XP/2000/NT 4 Locator Service Buffer Overflow Vulnerability

ID SSV:76004
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


It has been reported that the Microsoft Windows Locator service is affected by a remotely exploitable buffer overflow vulnerability. The condition is due to a memory copy of RPC arguments received from remote clients into a local buffer.

This vulnerability may be exploited by remote attackers to execute custom instructions on the target server. It is also possible to crash the service with a malicious request. It should be noted that, to exploit this vulnerability, no authentication is required. Additionally, the Locator service is enabled by default on all Windows 2000 and Windows NT Domain Controllers (DC).