Vulnerability Note VU#753212

Microsoft LSA Service contains buffer overflow in DsRolepInitializeLog() function

Overview

The Windows Local Security Authority Service Server (LSASS) contains a vulnerability that may permit an attacker to completely compromise the system.

I. Description

A buffer overflow vulnerability exists in a Microsoft Active Directory service logging function that is exposed by the LSASS DCE/RPC interface. The vulnerability occurs due to the misuse of a vsprintf() call. For a full technical description, please see eEye Digital Security's Advisiory. This vulnerability affects the following systems:

II. Impact

A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system.

III. Solution

Apply a patch from the vendor


Microsoft Security Bulletin MS04-011 contains patch information to resolve this issue.

Systems Affected

VendorStatusDate Updated
Microsoft CorporationVulnerable13-Apr-2004

References


http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx
http://www.eeye.com/html/Research/Advisories/AD20040413C.html

Credit

The Microsoft Security Bulletin credits eEye Digital Security for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

Date Public04/13/2004
Date First Published04/13/2004 09:24:03 PM
Date Last Updated04/13/2004
CERT Advisory 
CVE NameCAN-2003-0533
Metric35.44
Document Revision7

CERT Copyright Material