• info
• discussion
• exploit
• solution
• references

Windows NT 4.0 / 2000 cmd.exe Buffer Overflow Vulnerability

Solution:
Microsoft has released patches which rectify this issue:


Microsoft Windows NT Enterprise Server 4.0

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Terminal Server 4.0

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20503


• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Workstation 4.0 SP6a

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP3

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Workstation 4.0 SP5

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP4

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Workstation 4.0 SP2

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP5

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Workstation 4.0 SP4

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Terminal Server 4.0 SP2

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Terminal Server 4.0 SP4

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Server 4.0 SP6a

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP1

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows 2000 Professional

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20503


• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Terminal Server 4.0 SP1

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Enterprise Server 4.0 SP2

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0 SP3

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Terminal Server 4.0 SP3

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Workstation 4.0 SP6

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0 SP1

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Workstation 4.0

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP6

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Terminal Server 4.0 SP6

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Workstation 4.0 SP3

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Enterprise Server 4.0 SP6a

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0 SP6

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0 SP5

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Server 4.0 SP2

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows NT Terminal Server 4.0 SP5

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20586

Microsoft Windows NT Workstation 4.0 SP1

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows 2000 Advanced Server

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20503

Microsoft Windows NT Server 4.0 SP4

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20494

Microsoft Windows 2000 Server

• Microsoft Q259622
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20503