Microsoft Windows Server First Class Mailslot Message Remote Code Execution
Publish Date: 21 de июля de 2015
Severity: : High
CVE Kennungen: : CVE-2006-1314
Advisory Date: 21 de июля de 2015
DESCRIPTION
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to expose sensitive information and compromise a vulnerable system.
1) A boundary error in the Server service (SRV.SYS) when handling first-class Mailslot messages can be exploited to corrupt memory by sending a specially crafted packet to the service.
Successful exploitation allows execution of arbitrary code.
2) An uninitialised buffer in the Server protocol driver can be exploited to view data from the Server Message Block buffers by sending specially crafted packets to the service.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1001304
Trend Micro Deep Security DPI Rule Name: 1001304 - Microsoft Windows Server First Class Mailslot Message Remote Code Execution
AFFECTED SOFTWARE AND VERSION:
- Microsoft Windows 2000 Server SP4
- Microsoft Windows Server 2003
- Microsoft Windows Server 2003 Datacenter SP1
- Microsoft Windows XP 64-bit
- Microsoft Windows XP SP1
- Microsoft Windows XP SP2