Credit:
The information has been provided by Cody Pierce.
The original article can be found at: http://dvlabs.tippingpoint.com/advisory/TPTI-09-07
Vulnerable Systems:
* Microsoft Windows 2000
The specific flaw exists in the handling of RPC calls to the License Logging Service (llssrv.exe). When processing arguments to the LlsrLicenseRequestW method, a character array is expected to contain a terminating null byte. By supplying data that does not end in a null, it is possible to overlap a call to lstrcatW, resulting in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the SYSTEM account.
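The missing check described above, as an added example that is not code from the advisory or from Microsoft: a caller-supplied wide-character array is verified to contain its terminator, and to fit the destination, before any concatenation takes place. The helper name `append_checked_w`, the return codes and the sample inputs are assumptions, and standard `wchar_t` routines stand in for `lstrcatW` so the code builds on any platform.

```c
#include <stddef.h>
#include <wchar.h>

/* Hypothetical helper (not from llssrv.exe): append a wide string that
 * arrived from an untrusted caller together with its element count.
 * Returns 0 on success, -1 if src has no terminating null inside
 * src_count elements, -2 if dst is unterminated or the result won't fit. */
int append_checked_w(wchar_t *dst, size_t dst_cap,
                     const wchar_t *src, size_t src_count)
{
    /* Search for the terminator only inside the data actually received. */
    const wchar_t *src_end = wmemchr(src, L'\0', src_count);
    if (src_end == NULL)
        return -1;                       /* the case the advisory describes */

    const wchar_t *dst_end = wmemchr(dst, L'\0', dst_cap);
    if (dst_end == NULL)
        return -2;

    size_t dst_len = (size_t)(dst_end - dst);
    size_t src_len = (size_t)(src_end - src);
    if (src_len >= dst_cap - dst_len)    /* need room for src plus its null */
        return -2;

    wmemcpy(dst + dst_len, src, src_len + 1);
    return 0;
}

/* Constructed sample inputs, for demonstration only. */
int demo(void)
{
    wchar_t dst[16] = L"user:";
    const wchar_t good[] = { L'b', L'o', L'b', L'\0' };
    const wchar_t bad[]  = { L'A', L'A', L'A', L'A' };   /* no terminator */

    int r1 = append_checked_w(dst, 16, good, 4);   /* 0, dst = "user:bob" */
    int r2 = append_checked_w(dst, 16, bad, 4);    /* -1, dst unchanged */
    return (r1 == 0 && r2 == -1 && wcscmp(dst, L"user:bob") == 0) ? 0 : 1;
}

int main(void) { return demo(); }
```

An unbounded concatenation would keep reading past the end of `bad` until it happened to find a null, which is how the copy runs beyond the heap allocation.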
Patch Availability:
Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/Bulletin/ms09-064.mspx
CVE Information:
CVE-2009-2523
Disclosure Timeline:
2009-06-15 - Vulnerability reported to vendor
2009-11-10 - Coordinated public release of advisory