• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Workstation Service Remote Buffer Overflow Vulnerability

Solution:
Microsoft has released security advisory MS03-049 to address this issue. Users are strongly advised to obtain fixes, as new attacker vectors greatly increase the speed of an attack on a targeted network.

Cisco has released a security advisory detailing affected Cisco products. See referenced advisory for details concerning obtaining fixes.


Microsoft Windows 2000 Server SP2

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Microsoft Windows 2000 Advanced Server SP2

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Cisco Internet Service Node

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Microsoft Windows XP Professional

• Microsoft WindowsXP-KB828035-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F02DA309-4B0A -4438-A0B9-5B67414C3833&displaylang=en

Cisco Conference Connection

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Microsoft Windows XP 64-bit Edition SP1

• Microsoft WindowsXP-KB828035-ia64-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2BE95254-4C65 -4CA5-80A5-55FDF5AA2296&displaylang=en

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Cisco Personal Assistant

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Microsoft Windows 2000 Professional SP3

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Microsoft Windows 2000 Professional SP2

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Microsoft Windows 2000 Datacenter Server SP4

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Microsoft Windows 2000 Advanced Server SP3

• Microsoft Windows2000-KB828749-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2467FE46-D167 -479C-9638-D4D79483F261&displaylang=en

Microsoft Windows XP Home

• Microsoft WindowsXP-KB828035-x86-ENU.exe
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F02DA309-4B0A -4438-A0B9-5B67414C3833&displaylang=en

Cisco Building BroadBand Services Manager Hotspot 1.0

• Cisco HotSpot 1.0 Service Pack 1
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsmhs10

Cisco Call Manager 1.0

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Conference Connection 1.1 (1)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Conference Connection 1.2

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Personal Assistant 1.3 (4)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Personal Assistant 1.3 (1)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Personal Assistant 1.4 (2)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Personal Assistant 1.4 (1)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 2.0

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco IP Call Center Express (IPCC Express) Enhanced 3.0

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco IP Call Center Express (IPCC Express) Standard 3.0

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 3.0

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 3.0

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 3.1

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 3.1 (3a)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 3.2

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Call Manager 3.3 (3)

• Cisco win-OS-Upgrade-k9.2000-2-5sr4.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 4.0.1

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 4.2

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 4.4

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 4.5

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 5.0

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52

Cisco Building Broadband Service Manager 5.1

• Cisco BBSM52SP2.exe
  http://www.cisco.com/pcgi-bin/tablebuild.pl/bbsm52