Full Disclosure mailing list archives
Re: Microsoft MSDTC NdrAllocate Validation Vulnerability
From: ". Solo" <soloaway () gmail com>
Date: Fri, 12 May 2006 11:14:49 +0800
Shut the fuck up!! 2006/5/11, 0x80 () hush ai <0x80 () hush ai>:
Shouldnt this be considered low risk and not medium? On Wed, 10 May 2006 17:01:09 -0700 Avert <avert () avertlabs com> wrote: >McAfee, Inc. >McAfee Avert(tm) Labs Security Advisory >Public Release Date: 2006-05-09 > >Microsoft MSDTC NdrAllocate Validation Vulnerability > >CVE-2006-0034 >___________________________________________________________________ >___ > >* Synopsis > >There is an RPC procedure within the MSDTC interface in >msdtcprx.dll >that may be called remotely without user credentials in such a way >that >triggers a denial-of-service in the Distributed Transaction >Coordinator >(MSDTC) service. > >Exploitation can at most lead to a denial of service and therefore >the >risk factor is at medium. >___________________________________________________________________ >___ > >* Vulnerable Systems > >Microsoft Windows 2000 >Microsoft Windows XP >Microsoft Windows Server 2003 > >___________________________________________________________________ >___ > >* Vulnerability Information > >The msdtcprx.dll shared library contains RPC procedures for use >with >the Distributed Transaction Coordinator (MSDTC) service utilized >in >Microsoft Windows. > >By sending a large (greater than 4k) request to BuildContextW(), a >size check can be bypassed and a bug in NdrAllocate() may be >reached. > >This vulnerability was reported to Microsoft on October 12, 2005 > >___________________________________________________________________ >___ > >* Resolution > >Microsoft has provided a patch for this issue. Please see their >bulletin, KB913580, for more information on obtaining and >installing >the patch. > > >___________________________________________________________________ >___ > >* Credits > >This vulnerability was discovered by Chen Xiaobo of McAfee Avert >Labs. > >___________________________________________________________________ >___ > >___________________________________________________________________ >___ > >* Legal Notice > >Copyright (C) 2006 McAfee, Inc. >The information contained within this advisory is provided for the >convenience of McAfee's customers, and may be redistributed >provided >that no fee is charged for distribution and that the advisory is >not >modified in any way. McAfee makes no representations or >warranties >regarding the accuracy of the information referenced in this >document, >or the suitability of that information for your purposes. > >McAfee, Inc. and McAfee Avert Labs are registered Trademarks of >McAfee, >Inc. and/or its affiliated companies in the United States and/or >other >Countries. All other registered and unregistered trademarks in >this >document are the sole property of their respective owners. > >___________________________________________________________________ >___ > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft MSDTC NdrAllocate Validation Vulnerability Avert (May 10)
- <Possible follow-ups>
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability 0x80 (May 11)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability . Solo (May 11)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability 0x80 (May 15)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability . Solo (May 16)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability bart.lansing (May 16)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability 0x80 (May 16)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability Rajesh V (May 17)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability 0x80 (May 20)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability ad () heapoverflow com (May 20)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability 0x80 (May 20)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability ad () heapoverflow com (May 20)
- Re: Microsoft MSDTC NdrAllocate Validation Vulnerability Barrie Dempster (May 21)
(Thread continues...)