|
| |||||||
| Registrarse | Preguntas Frecuentes | Lista de Foreros | Calendario | Buscar | Temas de Hoy | Marcar Foros Como Leídos |
 |
| | LinkBack | Herramientas | Desplegado |
13-07-2004, 21:20:24
| |||
| |||
 [Vulnerable] Microsoft Windows Task Scheduler Microsoft Windows Task Scheduler Buffer Overflow Vulnerability http://secunia.com/advisories/12060/ Secunia Advisory: SA12060 Release Date: 2004-07-13 Critical: Moderately critical Impact: System access Where: From remote OS: Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Professional Microsoft Windows 2000 Server Microsoft Windows NT 4.0 Server Microsoft Windows NT 4.0 Server, Terminal Server Edition Microsoft Windows NT 4.0 Workstation Microsoft Windows XP Home Edition Microsoft Windows XP Professional Choose a product and view comprehensive vulnerability statistics and all Secunia advisories affecting it. CVE reference: CAN-2004-0212 Description: Microsoft has issued an update for Windows. This fixes a vulnerability, allowing malicious websites to execute arbitrary code on a vulnerable system. The vulnerability is caused due a boundary error during application name validation in the Task Scheduler. According to Microsoft, this could lead to system access if the current user has administrative privileges. This affects Microsoft Windows 2000 and Windows XP. Microsoft Windows NT 4 is also affected if Internet Explorer 6 SP1 is installed. Solution: Microsoft has released updates. Microsoft Windows 2000 (SP2, SP3, and SP4): http://www.microsoft.com/downloa...-...displaylang=en Microsoft Windows XP (SP1): http://www.microsoft.com/downloa...-...displaylang=en Microsoft Windows XP 64-Bit Edition: http://www.microsoft.com/downloa...-...displaylang=en Microsoft Windows NT 4 (SP6a) with Internet Explorer 6 SP1: http://www.microsoft.com/downloa...-...displaylang=en Provided and/or discovered by: Microsoft credits the following with the discovery: * Brett Moore of Security-Assessment.com * Dustin Schneider * Peter Winter-Smith of Next Generation Security Software Original Advisory: MS04-022 (KB841873): http://www.microsoft.com/technet/sec.../ms04-022.mspx -- Meritorios de Filtrado (Kill-File Global): tella llop, jm (N.B. 2003.10.25) «Prefiero molestar con la verdad que complacer con adulaciones (Lucio Anneo Seneca)»  |
| Today
| ||||
| ||||
 Sponsored Links |
|
| Herramientas | |
| Desplegado | |
| |
Temas Similares | ||||
| Tema | Autor | Foro | Respuestas | Último mensaje |
| [Vulnerable] Microsoft Windows Task Scheduler | Ille Corvus | Newsgroup es.comp.seguridad.so | 0 | 13-07-2004 21:20:24 |
| [Vulnerable] Microsoft Windows POSIX Subsystem | Ille Corvus | Newsgroup es.comp.seguridad.so | 0 | 13-07-2004 21:20:17 |
| [VULNERABLE] Microsoft Windows Logon | Ille Corvus | Newsgroup es.comp.seguridad.misc | 0 | 19-06-2004 13:36:14 |
| [VULNERABLE] Microsoft Windows Logon | Ille Corvus | Newsgroup es.comp.seguridad.so | 0 | 19-06-2004 13:36:14 |
| [VULNERABLE] Microsoft Windows Private Communications | Ille Corvus | Newsgroup es.comp.seguridad.misc | 0 | 13-06-2004 13:53:28 |
![[Vulnerable] Microsoft Windows Task Scheduler](http://www.newsgrupos.com/iconimages/es-comp-seguridad-misc/vulnerable-microsoft-windows-task-scheduler_ltr.gif)
Mode Lineal
