Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows 2000 Message Queuing code execution
Published:15.10.2008
Source:
SecurityVulns ID:9368
Type:remote
Threat Level:
5/10
Description:Code execution via RPC-based service.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
CVE:CVE-2008-3479 (Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability.")
Original documentdocumentDVLabs, [Full-disclosure] TPTI-08-07: Microsoft Windows Message Queuing Service Heap Overflow and Memory Disclosure Vulnerability (15.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (951071) (15.10.2008)
Files:Microsoft Security Bulletin MS08-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod