---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Microsoft Windows SMB Buffer Underflow Vulnerability SECUNIA ADVISORY ID: SA32249 VERIFY ADVISORY: http://secunia.com/advisories/32249/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network OPERATING SYSTEM: Microsoft Windows 2000 Advanced Server http://secunia.com/advisories/product/21/ Microsoft Windows 2000 Datacenter Server http://secunia.com/advisories/product/1177/ Microsoft Windows 2000 Professional http://secunia.com/advisories/product/1/ Microsoft Windows 2000 Server http://secunia.com/advisories/product/20/ Microsoft Windows XP Home Edition http://secunia.com/advisories/product/16/ Microsoft Windows XP Professional http://secunia.com/advisories/product/22/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/advisories/product/1175/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/advisories/product/1174/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/advisories/product/1173/ Microsoft Windows Server 2003 Web Edition http://secunia.com/advisories/product/1176/ Microsoft Windows Server 2008 http://secunia.com/advisories/product/18255/ Microsoft Windows Storage Server 2003 http://secunia.com/advisories/product/12399/ Microsoft Windows Vista http://secunia.com/advisories/product/13223/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error in the handling of file names in the Microsoft SMB (Server Message Block) protocol, which can be exploited to cause a buffer underflow. Successful exploitation may allow execution of arbitrary code, but requires access to a disk share. SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=9ED29C3A-0682-4586-BBC2-A73DEAA18E4C Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=2F7E5981-6EEF-4F08-86C0-C6A7607EA5D0 Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=4E1675EB-6B06-48E9-9765-23A2C7737BDC Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=DBBEBB3F-F1C7-402C-BD16-6F88DA0D042C Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=989AC6F1-515C-467D-A200-2AABE66D9319 Windows Server 2003 with SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=91589CFB-15BA-4DD2-9E3B-107899FBCBA6 Windows Vista and Windows Vista SP1: http://www.microsoft.com/downloads/details.aspx?familyid=72DD6015-25D1-45F4-A769-88AC43074B44 Windows Vista x64 Edition and Windows Vista x64 Edition SP1: http://www.microsoft.com/downloads/details.aspx?familyid=F793AF16-5464-4DB1-A42B-1C5F17C538ED Windows Server 2008 for 32-bit systems: http://www.microsoft.com/downloads/details.aspx?familyid=CF6744E6-B54C-40F6-A78D-7BA9453133C0 Windows Server 2008 for x64-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=223236E8-7B19-4B47-8A90-BFC35EB9318A Windows Server 2008 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=077B697C-04A0-45BD-B08C-331D5C30CB47 PROVIDED AND/OR DISCOVERED BY: The vendor credits Joshua Morin, Codenomicon. ORIGINAL ADVISORY: MS08-063 (KB957095): http://www.microsoft.com/technet/security/Bulletin/MS08-063.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------