5248 : Microsoft Windows LSASS Remote Overflow
Printer | http://osvdb.org/5248 | Email This | Edit Vulnerability

Views This Week

Views All Time

396

Info

Last Modified

7 months ago

Percent Complete

100%

Disclosure

Apr 13, 2004

Discovery

Unknown

Dates

Exploit

Apr 29, 2004

Solution

Unknown

Description

A remote overflow exists in Windows. The LSA (Local Security Authority) Service fails to validate some input received on the LSARPC named pipe over TCP ports 139 and 445 resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	2000 SP2
		2000 SP3
		2000 SP4
		XP
		XPSP1
		XP 64-bit Edition SP1
		XP 64-Bit Edition 2003
		2003 Server x64
		2003 Server

References

Security Tracker: 1009751
Bugtraq ID: 10108
Secunia Advisory ID: 11064
ISS X-Force ID: 15699
CVE ID: 2003-0533 (see also: NVD)
Related OSVDB ID: 5249 5250 5251 5252 5253 5254 5255 5256 5257 5258 5259 5260 5261
CERT VU: 753212
Mail List Post: http://lists.netsys.com/pipermail/full-disclosure/2004-April/020069.html
Generic Exploit URL: http://marc.theaimsgroup.com/?l=bugtraq&m=108325860431471&w=2
http://packetstormsecurity.org/0404-exploits/billybastard.c
http://www.metasploit.com/projects/Framework/exploits.html#lsass_ms04_011
Packet Storm: http://packetstormsecurity.nl/0405-exploits/sasserftpd.c
http://packetstormsecurity.nl/0405-exploits/win_msrpc_lsass_ms04-11_Ex.c
Other Advisory URL: http://www.eeye.com/html/Research/Advisories/AD20040413C.html
Microsoft Security Bulletin: MS04-011
CIAC Advisory: o-114
Keyword: sasser
US-CERT Cyber Security Alert: TA04-104A

Tools & Filters

Nessus

12209

Snort

2508 2511 2514 5095 5096 5097 5098 5099 5100 5101 5102 5103 5104 5105 5106 5107 5108 5109 5110 5111 5112 5113 5114 5115 5116 5117 5118 5119 5120 5121 5122 5123 5124 5125 5126 5127 5128 5129 5130 5131 5132 5133 5134 5135 5136 5137 5138 5139 5140 5141 5142 5143 5144 5145 5146 5147 5148 5149 5150 5151 5152 5153 5154 5155 5156 5157 5158 5159 5160 5161 5162 5163 5164 5165 5166 5167 5168 5169 5170 5171 5172 ... and 146 more

Credit

Yuji Ukai - alerteEye.com - eEye Digital Security

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Tools & Filters

Credit

Blogs

Comments