• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Routing and Remote Access Remote Code Execution Vulnerability

Solution:
Microsoft has released an advisory along with fixes to address this issue. Please see the referenced advisory for more information.

Microsoft has updated security bulletin MS06-025 to re-release fixes to address issues affecting customers using a terminal window or dial-up scripting with dial-up connections. The vendor has also resolved issues involving scripts to change device configuration parameters using the following commands:

- set port parity
- set port databits
- set port stopbits

These issues arose for users after installing the original fixes released as part of MS06-025. More information is available in Microsoft's Knowledge Base Article 911280. Please see the references for details.


Microsoft Windows Server 2003 Datacenter Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows Server 2003 Datacenter x64 Edition

• Microsoft Security Update for Windows Server 2003 x64 Edition (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=bf9cef95-89fd -4ec3-be0a-93902f2bb768

Microsoft Windows Server 2003 Enterprise Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows XP Media Center Edition SP2

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows Server 2003 Datacenter Edition

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=c1af96b2-2807 -444b-82df-b6b61ec63715

Microsoft Windows Server 2003 Enterprise Edition Itanium SP1

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=890535c9-98cf -49a9-ae50-178e3c5fac6b

Microsoft Windows XP Tablet PC Edition SP1

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows Server 2003 Enterprise Edition

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows XP Home SP2

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows 2000 Datacenter Server SP4

• Microsoft Security Update for Windows 2000 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=c1af96b2-2807 -444b-82df-b6b61ec63715

Microsoft Windows XP Tablet PC Edition SP2

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows XP Media Center Edition SP1

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows Server 2003 Web Edition

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows XP Professional x64 Edition

• Microsoft Security Update for Windows XP x64 Edition (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=09d1a284-6a16 -44a5-a95e-8eb566401ce9

Microsoft Windows Server 2003 Web Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows Server 2003 Enterprise Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=890535c9-98cf -49a9-ae50-178e3c5fac6b

Microsoft Windows Server 2003 Standard Edition SP1

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows Server 2003 Standard Edition

• Microsoft Security Update for Windows Server 2003 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=b4264cb9-8979 -40e8-b903-bc8deda00fec

Microsoft Windows XP Professional SP2

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows Server 2003 Datacenter Edition Itanium SP1

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=890535c9-98cf -49a9-ae50-178e3c5fac6b

Microsoft Windows Server 2003 Standard x64 Edition

• Microsoft Security Update for Windows Server 2003 x64 Edition (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=bf9cef95-89fd -4ec3-be0a-93902f2bb768

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=c1af96b2-2807 -444b-82df-b6b61ec63715

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=c1af96b2-2807 -444b-82df-b6b61ec63715

Microsoft Windows Server 2003 Enterprise x64 Edition

• Microsoft Security Update for Windows Server 2003 x64 Edition (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=bf9cef95-89fd -4ec3-be0a-93902f2bb768

Microsoft Windows XP Professional SP1

• Microsoft Security Update for Windows XP (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=74838e2b-bd5f -4584-81f1-3250e6b69728

Microsoft Windows Server 2003 Datacenter Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB911280)
  http://www.microsoft.com/downloads/details.aspx?familyid=890535c9-98cf -49a9-ae50-178e3c5fac6b