Penetration Testing mailing list archives
RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability
From: "Noonan, Wesley" <Wesley_Noonan () bmc com>
Date: Wed, 19 Mar 2003 11:05:34 -0600
In terms of stability, MS has added the following warning to the bulletin: "Warning If you are running Windows 2000 Service Pack 2 (SP2), you must check the version of Ntoskrnl.exe on your computer before you install this update. To do this: Open the %Windir%\System32 folder. Right-click the Ntoskrnl.exe file, click Properties, and then click the Version tab. Versions of Ntoskrnl.exe from 5.0.2195.4797 to 5.0.2195.4928 are not compatible with this update. These versions were distributed only with Microsoft Product Support Services hotfixes. If you install the update that is described in this article on a computer with an Ntoskrnl.exe version from 5.0.2195.4797 to 5.0.2195.4928, the computer stops responding with a "Stop 0x00000071" message when you restart the computer. If this occurs, you must recover the Windows installation by using Windows 2000 Recovery Console and the backup copy of the Ntdll.dll file that is stored in the Winnt\$NTUninstallQ815021$ folder" The full details are located here: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q815021&sd=tech I feel for the folks who blue screened their production servers they may have attempted to patch... Fortunately, we caught it on test systems first. HTH Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+ Senior QA Rep. BMC Software, Inc. (713) 918-2412 wnoonan () bmc com http://www.bmc.com
-----Original Message----- From: Royans Tharakan [mailto:RTharakan () ingenuity com] Sent: Tuesday, March 18, 2003 22:02 To: Sarah Kenna Groark; Nicolas Gregoire; Gary O'leary-Steele Cc: pen-test () securityfocus com Subject: RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability I checked this out. SANS had an emergency webcast this morning in which a lot of security engineers reviewed this bug. Few microsoft guys where there who confirmed that OWA uses its own version of WEBDAV which overrides the version which is installed by the OS. They said the version of WEBDAV in OWA is not vulnerable to this exploit. However, I'm still hunting for an exploit to test it. Obviously we don't want to upgrade OWA if it can be avoided. We don't know how stable the patch is at this point. rkt -----Original Message----- From: Sarah Kenna Groark [mailto:sarah () procinct com] Sent: Tuesday, March 18, 2003 4:35 PM To: Royans Tharakan; Nicolas Gregoire; Gary O'leary-Steele Cc: pen-test () securityfocus com Subject: RE: Microsoft Windows 2000 WebDAV Buffer Overflow VulnerabilitySomeone said that OWA is not at risk so we are not patching it forwebdav. Is there a definitive statement on this somewhere? I am trying to track down for a client whether OWA is vulnerable to this and unfortunately do not have an environment where I can test it myself at the moment. Any info much appreciated. Take care, // Sarah -------------------------------------------------------------------------- -- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
Current thread:
- Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Gary O'leary-Steele (Mar 18)
- Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Nicolas Gregoire (Mar 18)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Curt Purdy (Mar 18)
- <Possible follow-ups>
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Royans Tharakan (Mar 18)
- Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Renaud Deraison (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Rob Shein (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Royans Tharakan (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Frank Knobbe (Mar 19)
- Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Gerardo Richarte (Mar 21)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Frank Knobbe (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Aleksander P. Czarnowski (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Noonan, Wesley (Mar 19)
- RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Florian Hines (Mar 19)
- Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Dave Aitel (Mar 20)
- Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability Nicolas Gregoire (Mar 18)