Info

Disclosure

Apr 13, 2004

Discovery

Unknown

Dates

Exploit

Apr 29, 2004

Solution

Aug 10, 2004

Description

A remote overflow exists in Windows. The LSA (Local Security Authority) Service fails to validate some input received on the LSARPC named pipe over TCP ports 139 and 445 resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	2000 SP2
		2000 SP3
		2000 SP4
		XP
		XPSP1
		XP 64-bit Edition SP1
		XP 64-Bit Edition 2003
		2003 Server x64
		2003 Server

References

Security Tracker: 1009751
Bugtraq ID: 10108
Secunia Advisory ID: 11064
ISS X-Force ID: 15699
CVE ID: 2003-0533 (see also: NVD)
Milw0rm: 293 295
Exploit Database: 293 295
Metasploit ID: 5248
Related OSVDB ID: 5249 5250 5251 5252 5253 5254 5255 5256 5257 5258 5259 5260 5261
SCIP VulDB ID: 599
CERT VU: 753212
Generic Exploit URL: http://immunitysec.com
http://marc.theaimsgroup.com/?l=bugtraq&m=108325860431471&w=2
http://packetstormsecurity.org/0404-exploits/billybastard.c
http://www.metasploit.com/projects/Framework/exploits.html#lsass_ms04_011
http://www.saintcorporation.com/cgi-bin/exploit_info/windows_lsass
Mail List Post: http://lists.netsys.com/pipermail/full-disclosure/2004-April/020069.html
Packet Storm: http://packetstormsecurity.nl/0405-exploits/sasserftpd.c
http://packetstormsecurity.nl/0405-exploits/win_msrpc_lsass_ms04-11_Ex.c
Other Advisory URL: http://research.eeye.com/html/advisories/published/AD20040413C.html
http://www.eeye.com/html/Research/Advisories/AD20040413C.html [ Link is 404 ]
Microsoft Security Bulletin: MS04-011
CIAC Advisory: o-114
Keyword: sasser
US-CERT Cyber Security Alert: TA04-104A

Credit

Yuji Ukai - alerteEye.com - eEye Digital Security

Direct URL: http://osvdb.org/5248

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit