TITLE: Microsoft Windows WINS "Name" Validation Vulnerability SECUNIA ADVISORY ID: SA13466 VERIFY ADVISORY: http://secunia.com/advisories/13466/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network OPERATING SYSTEM: Microsoft Windows 2000 Advanced Server http://secunia.com/product/21/ Microsoft Windows 2000 Datacenter Server http://secunia.com/product/1177/ Microsoft Windows 2000 Server http://secunia.com/product/20/ Microsoft Windows NT 4.0 Server http://secunia.com/product/18/ Microsoft Windows NT 4.0 Server, Terminal Server Edition http://secunia.com/product/19/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ DESCRIPTION: Kostya Kortchinsky has reported two vulnerabilities in Microsoft Windows, allowing malicious people to compromise a vulnerable system. 1) The vulnerability is caused due to an unchecked buffer in the handling of the "Name" parameter from certain packets. This can be exploited to cause a buffer overflow and lead to execution of arbitrary code. 2) This update also fixes a previously described vulnerability, for more information: SA13328 SOLUTION: Apply patches. Microsoft Windows NT Server 4.0 (requires Service Pack 6a): http://www.microsoft.com/downloads/details.aspx?FamilyId=38E9DB8C-5C43-4E9A-9DC9-97C2686A45F1 Microsoft Windows NT Server 4.0 Terminal Server Edition (requires Service Pack 6): http://www.microsoft.com/downloads/details.aspx?FamilyId=D7AB3F6F-26FE-4AE8-A07A-481D772D03A6 Microsoft Windows 2000 Server (requires Service Pack 3 or Service Pack 4): http://www.microsoft.com/downloads/details.aspx?FamilyId=40146B52-5546-489E-857E-01FE1EF709B2 Microsoft Windows Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=10836F38-A38B-47D5-B87B-18D8E26EEFAA Microsoft Windows Server 2003 64-Bit Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=06CF9E85-C66D-4A7D-B2EB-99DE9423B60F PROVIDED AND/OR DISCOVERED BY: Kostya Kortchinsky, CERT Renater ORIGINAL ADVISORY: MS04-045 (KB870763): http://www.microsoft.com/technet/security/bulletin/ms04-045.mspx OTHER REFERENCES: SA13328: http://secunia.com/advisories/13328/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------