Buffer Overrun In Microsoft's SNMP Implementation

A buffer overrun vulnerability exists in Microsoft's SNMP implementation.

Ken Pfeil

February 12, 2002

2 Min Read
ITPro Today logo in a gray background | ITPro Today

Reported February 12, 2002, byMicrosoft.

VERSIONS AFFECTED

 

·        Windows XP

·        Windows 2000

·        Windows NT 4.0

·        Windows Me

·        Windows 9x

 

DESCRIPTION
A buffer overrun vulnerability exists in Microsoft's SNMPimplementation that can lead to a Denial of Service (DoS) attack or remotecompromise of the system running SNMP. By sending a malformed management requestto the vulnerable system, an attacker can run code in the LocalSystem securitycontext and gain complete control of the system.

 

VENDOR RESPONSE

Thevendor, Microsoft, has released securitybulletin MS02-006,which addresses this vulnerability. Microsoft is developing a patch to makeavailable soon at the MS02-006 URL location.

 

CREDIT
Discovered by Microsoft.

Read more about:

Microsoft
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like