11461 : Microsoft Windows Workstation Service WKSSVC.DLL Logging Function Remote Overflow
Printer | http://osvdb.org/11461 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
11	1922	about 9 years ago	over 2 years ago	17 times	100%

Timeline

Disclosure Date
2003-11-11

Time to Patch	Time to Exploit
57 days	57 days

Description

A remote overflow exists in the Windows Workstation Service of Microsoft Windows. The 'WKSSVC.DLL' fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution with SYSTEM privileges resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public, Exploit Commercial
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	2000 SP3
		XP SP1
		2000 SP2
		2000 SP4
		XP SP1 64-Bit Edition

References

Secunia Advisory ID: 10193
Metasploit ID: 11461
Milw0rm: 119 123 130
Exploit Database: 119 123 130
ISS X-Force ID: 13639
CVE ID: 2003-0812 (see also: NVD)
OVAL ID: 331 575
SCIP VulDB ID: 383
CERT VU: 567620
Microsoft Knowledge Base Article: 828749
Bugtraq ID: 9011
CERT: CA-2003-28
Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2003-11/0114.html
http://research.eeye.com/html/advisories/published/AD20031111.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-11/0114.html
Generic Exploit URL: http://immunitysec.com
Generic Informational URL: http://www.eeye.com/html/Research/Advisories/AD20031111.html [ Link is 404 ]
Vendor URL: http://www.microsoft.com/
Microsoft Security Bulletin: MS03-049
CIAC Advisory: o-022

Tools & Filters

	11921
Snort	2308 2309 2310 2311 2315 2316 8925 8926 8927 8928 8929 8930 8931 8932 8933 8934 8935 8936 8937 8938 8939 8940 8941 8942 8943 8944 8945 8946 8947 8948 8949 8950 8951 8952 8953 8954 8955 8956 8957 8958 8959 8960 8961 8962 8963 8964 8965 8966 8967 8968 8969 8970 8971 8972 8973 8974 8975 8976 8977 8978 8979 8980 8981 8982 8983 8984 8985 8986 8987 8988 8989 8990 8991 8992 8993 8994 8995 8996 8997 8998 8999 ... and 28 more
	ms03_049

Credit

Yuji Ukai - eEye Digital Security

CVSSv2 Score

CVSSv2 Base Score = 7.5
Source: nvd.nist.gov | Generated: 2003-12-31 | Disagree?

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.