Info |
Last Modified |
| 7 months ago |
|
|
|
|
Description |
A remote overflow exists in the Microsoft Windows SSL library. The library fails to verify a field length during PCT 1.0 protocol negotiation. Any application which negotiates SSL using the Windows API may be vulnerable to this attack. With a specially crafted request, an attacker can execute arbitrary code with LocalSystem privileges, resulting in a loss of integrity.
|
|
Classification |
Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
|
|
Technical |
Windows 2003 includes the vulnerable code, but ships with PCT disabled.
|
|
Solution |
Apply the appropriate patch for your operating system. It is also possible to correct the flaw by implementing the following workaround(s):
1. Open the Registry Editor.
2. Locate the following key:
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server
3. In the Edit menu, click Add Value.
4. In the Data Type drop-down list, choose REG_BINARY.
5. In the Value Name text box, type "Enabled" (without the quotation marks) and click OK.
6. In the Binary Editor, set the new key's value to equal 0 by entering the following string: 00000000.
7. Click OK and then restart the computer.
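The workaround above as a script, an added example that is not part of the original advisory: it reports the current state of the PCT 1.0 server key and, with `-Apply`, writes the Enabled value as REG_BINARY 00000000. The function name and the `-Apply` switch are assumptions; the restart in step 7 is still required.

```powershell
# Added example (not from the advisory). Function name and -Apply switch are
# hypothetical; key path, value name, type and data come from steps 2-6.
function Set-PctServerDisabled {
    [CmdletBinding()]
    param([switch]$Apply)

    $key = 'HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server'

    # Read the current state without changing anything.
    $state = 'KeyMissing'
    if (Test-Path -LiteralPath $key) {
        $prop = Get-ItemProperty -LiteralPath $key -Name 'Enabled' -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            $state = 'ValueMissing'
        } elseif (@($prop.Enabled | Where-Object { $_ -ne 0 }).Count -eq 0) {
            $state = 'Disabled'      # every byte (or the DWORD) is zero
        } else {
            $state = 'Enabled'
        }
    }

    if ($Apply -and $state -ne 'Disabled') {
        # New-Item -Force would recreate an existing key and drop its values,
        # so the key is created only when it is absent.
        if ($state -eq 'KeyMissing') {
            New-Item -Path $key -Force | Out-Null
        }
        New-ItemProperty -LiteralPath $key -Name 'Enabled' -PropertyType Binary `
            -Value ([byte[]](0, 0, 0, 0)) -Force | Out-Null
        $state = 'Disabled (written now; restart required)'
    }

    [pscustomobject]@{ Computer = $env:COMPUTERNAME; Key = $key; State = $state }
}

# Audit only:
Set-PctServerDisabled
# Apply the workaround (run elevated), then restart the computer:
# Set-PctServerDisabled -Apply
```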
|
|
Products |
Windows: 2000, 2003, 95, 98, ME, NT 4.0, XP
|
|
Credit |
- Mark Dowd - Avert
avertlabs.com - McAfee Avert(tm) Labs
- Neel Mehta - Internet Security Systems
|
|