exploits , vulnerabilities , articles , Microsoft Windows Server Message Block Handlers Remote Buffer Overflow Vulnerability

Title	Microsoft Windows Server Message Block Handlers Remote Buffer Overflow Vulnerability
Published	2005-02-08-12:00AM
Updated	2005-06-23-06:07PM
Class	Boundary Condition Error
CVE	CAN-2005-0045
Remote	Yes
Local	No
Credit	Discovery of this vulnerability is credited to eEYE Security. This issue was also independently discovered by Dave Aitel and Sinan Eren of Immunity Sec.
Vulnerable	Nortel Networks Symposium Express Call Center (SECC) Nortel Networks Symposium Call Center Server (SCCS) Nortel Networks Optivity Network Management System Nortel Networks Mobile Voice Client 2050 Nortel Networks IP softphone 2050 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP 64bit Edition Version 2003 SP1 Microsoft Windows XP 64bit Edition Version 2003 Microsoft Windows XP 64bit Edition SP1 Microsoft Windows XP 64bit Edition Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Enterprise Edition 64bit Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter Edition 64bit Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Terminal Server 4.0 SP6a Microsoft Windows NT Terminal Server 4.0 SP5 Microsoft Windows NT Terminal Server 4.0 SP4 Microsoft Windows NT Terminal Server 4.0 SP3 Microsoft Windows NT Terminal Server 4.0 SP2 Microsoft Windows NT Terminal Server 4.0 SP1 Microsoft Windows NT Terminal Server 4.0 Microsoft Windows NT Server 4.0 SP6a Avaya DefinityOne Media Servers Avaya IP600 Media Servers Avaya S8100 Media Servers Microsoft Windows NT Server 4.0 SP5 Microsoft Windows NT Server 4.0 SP4 Microsoft Windows NT Server 4.0 SP3 Microsoft Windows NT Server 4.0 SP2 Microsoft Windows NT Server 4.0 SP1 Microsoft Windows NT Server 4.0 Microsoft Windows NT Enterprise Server 4.0 SP6a Microsoft Windows NT Enterprise Server 4.0 SP5 Microsoft Windows NT Enterprise Server 4.0 SP4 Microsoft Windows NT Enterprise Server 4.0 SP3 Microsoft Windows NT Enterprise Server 4.0 SP2 Microsoft Windows NT Enterprise Server 4.0 SP1 Microsoft Windows NT Enterprise Server 4.0 Microsoft Windows 2000 Server SP4 Microsoft Windows 2000 Server SP3 Microsoft Windows 2000 Server SP2 Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server Avaya DefinityOne Media Servers Avaya IP600 Media Servers Avaya S3400 Message Application Server Avaya S8100 Media Servers Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server
Not Vulnerable
Code	The following exploit has been provided by cybertronic@gmx.net: /data/vulnerabilities/exploits/win_smb_exp.c
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-07-03 Drupal Cross-Site Scripting, Code Injection and Information Disclosure Vulnerabilities
• 2009-07-03 phpMyAdmin SQL bookmark HTML Injection Vulnerability
• 2009-07-02 Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
• 2009-07-02 Radware AppWall Source Code Information Disclosure Vulnerability
• 2009-07-02 Joomla! Cross Site Scripting and Information Disclosure Vulnerabilities
• 2009-06-30 fuzzylime (cms) Multiple Local File Include Vulnerabilities
• 2009-06-30 FireStats Unspecified SQL Injection Vulnerability
• 2009-06-30 Pidgin OSCAR Protocol Web Message Denial of Service Vulnerability
• 2009-06-29 Mozilla Thunderbird/Seamonkey Multipart Alternative Message Memory Corruption Vulnerability
• 2009-06-29 Sun Solaris Event Port API Multiple Local Denial of Service Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Sat, 04 Jul 2009 08:07:08 +0000