• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

Solution:
Avaya has released an advisory to announce that Avaya System Products shipping on Microsoft platforms are also affected by this vulnerability. Avaya advise that customers follow the Microsoft recommendations for the resolution of this issue. The aforementioned advisory can be viewed at the following location:
http://support.avaya.com/japple/css/japple?temp.groupID=&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=161384&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Microsoft has released fixes to address this issue.

US-CERT has released an advisory TA04-104A to address this and other issues. Please see the referenced advisory for more information.

Due to the availability of public exploit code and corresponding exploitation in the wild, administrators are strongly advised to apply the available patches or any applicable workarounds and mitigation.

June 15, 2004 - Microsoft has updated security bulletin MS04-011 to release a Windows NT 4.0 Workstation update for the Pan Chinese language. The Pan Chinese update should be installed by customers who installed Windows NT 4.0 Workstation for Pan Chinese update or who use the Pan Chinese product.


Microsoft Windows 2000 Server SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Advanced Server SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows NT Server 4.0 SP6a

• Microsoft Security Update for Windows NT Server 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=67A6F461-D2FC -4AA0-957E-3B8DC44F9D79&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en

Microsoft Windows NT Terminal Server 4.0 SP6

• Microsoft Security Update for Windows NT Server, Terminal Server Edition (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=62CBA527-A827 -4777-8641-28092D3AAE4F&displaylang=en

Microsoft Windows Server 2003 Standard Edition

• Microsoft Security Update for Windows Server 2003 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=EAB176D0-01CF -453E-AE7E-7495864E8D8C&displaylang=en

Microsoft Windows NT Workstation 4.0 SP6a

• Microsoft Security Update for Windows NT Workstation 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7F1713FC-F95C -43E5-B825-3CF72C1A0A3E&displaylang=en

Microsoft Windows XP 64-bit Edition SP1

• Microsoft Security Update for Windows XP 64 Bit Edition (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C6B55EF2-D9FE -4DBE-AB7D-73A20C82FF73&displaylang=en

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Professional SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition

• Microsoft Security Update for Windows Server 2003 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=EAB176D0-01CF -453E-AE7E-7495864E8D8C&displaylang=en

Microsoft Windows 2000 Professional SP2

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows Server 2003 Web Edition

• Microsoft Security Update for Windows Server 2003 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=EAB176D0-01CF -453E-AE7E-7495864E8D8C&displaylang=en

Microsoft Windows XP Home

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en

Microsoft Windows 2000 Advanced Server SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003 SP1

• Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en

Microsoft Windows 2000 Server SP3

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003

• Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en

Microsoft Windows NT Enterprise Server 4.0 SP6a

• Microsoft Security Update for Windows NT Server 4.0 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=67A6F461-D2FC -4AA0-957E-3B8DC44F9D79&displaylang=en

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB835732)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A -414C-B3EB-D2342FBB6C00&displaylang=en