• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Plug And Play UMPNPMGR.DLL wsprintfW Buffer Overflow Vulnerability

Solution:
Avaya has released advisory ASA-2005-214 to state which Avaya products are affected by The October 2005 release of Microsoft Windows security updates. Please see the referenced advisory for further information.

Nortel Networks has released a technical support bulletin (2005006318) regarding this and other issues for their Centrex IP Client Manager (CICM). They report the vulnerabilities will be fixed in the upcoming 2.5, 7.0 and 8.0 maintenance releases. Please see the referenced bulletin for further information.

Fixes are available:


Microsoft Windows XP Media Center Edition SP2

• Microsoft Security Update for Windows XP (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1559E44A-DDEE -4C86-BF02-A6C3B9BEEE0C

Microsoft Windows XP Media Center Edition SP1

• Microsoft Security Update for Windows XP (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1559E44A-DDEE -4C86-BF02-A6C3B9BEEE0C

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=FFDB8AB7-F979 -41B4-9625-EA51CD503258

Microsoft Windows XP Home SP2

• Microsoft Security Update for Windows XP (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1559E44A-DDEE -4C86-BF02-A6C3B9BEEE0C

Microsoft Windows 2000 Datacenter Server SP4

• Microsoft Security Update for Windows 2000 (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=FFDB8AB7-F979 -41B4-9625-EA51CD503258

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1559E44A-DDEE -4C86-BF02-A6C3B9BEEE0C

Microsoft Windows XP Professional SP2

• Microsoft Security Update for Windows XP (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1559E44A-DDEE -4C86-BF02-A6C3B9BEEE0C

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=FFDB8AB7-F979 -41B4-9625-EA51CD503258

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB905749)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=FFDB8AB7-F979 -41B4-9625-EA51CD503258