Buffer Overrun In Microsoft's SNMP Implementation
A buffer overrun vulnerability exists in Microsoft's SNMP implementation.
February 12, 2002
Reported February 12, 2002, byMicrosoft.
VERSIONS AFFECTED
· Windows XP
· Windows 2000
· Windows NT 4.0
· Windows Me
· Windows 9x
DESCRIPTION
A buffer overrun vulnerability exists in Microsoft's SNMPimplementation that can lead to a Denial of Service (DoS) attack or remotecompromise of the system running SNMP. By sending a malformed management requestto the vulnerable system, an attacker can run code in the LocalSystem securitycontext and gain complete control of the system.
VENDOR RESPONSE
Thevendor, Microsoft, has released securitybulletin MS02-006,which addresses this vulnerability. Microsoft is developing a patch to makeavailable soon at the MS02-006 URL location.
CREDIT
Discovered by Microsoft.
Read more about:
MicrosoftAbout the Author
You May Also Like