MS06-035 (CVE-2006-1314) looks to be the most dangerous of the vulnerabilities announced this month, specifically the Mailslot heap overflow. The vulnerability can be exploited remotely against the "Server" service. So this would definitely be something that could be used for widespread compromise with no user interaction, or a worm. Looks like Windows 2000 SP4 is vulnerable by default. Windows XP SP2 and Server 2003 don't appear to be vulnerable with a default installation unless services are listening on Mailslots. At this point, it is unclear exactly what software would enable Mailslots to create a vulnerable condition. So how long before exploit code is available? Well, clever readers will have noticed that Pedram Amini and H D Moore are credited with discovering this vulnerability (the Mailslot heap overflow). Those guys are some of the best in the business, so you do the math... I'm guessing that they have had reliable exploit code working for a while now. (I can just see all the script kiddies hitting refresh every ten seconds on metasploit.com). You should probably make this your top priority in patching.
Kyle (112 Posts)
Jul 11th 2006