• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Server Driver Mailslot Remote Heap Buffer Overflow Vulnerability

Microsoft Windows Server driver is prone to a remote heap buffer-overflow vulnerability. This issue is due to a failure of the software to properly bounds check user-supplied input prior to copying it to an insufficiently-sized memory buffer.

Exploiting this issue allows anonymous, remote attackers to execute arbitrary machine code in the context of the affected driver. This facilitates the complete compromise of affected computers.

Microsoft Windows XP SP2 and Microsoft Windows Server 2003 SP1 are not vulnerable to this issue in their default configuration.