Microsoft Windows Server Service Remote Buffer Overflow Vulnerability

Microsoft Windows Server Service Remote Buffer Overflow Vulnerability

Proof-of-concept exploits are available to members of the Immunity Partners program:

https://www.immunityinc.com/downloads/immpartners/ms06_040.tgz
https://www.immunityinc.com/downloads/immpartners/ms06_040.tar.gz

Another exploit for Immunity Partners is available:

https://www.immunityinc.com/downloads/immpartners/ms06_040-1.tar

This exploit reportedly works reliably against Windows 2003 with no service packs.

A Metasploit exploit module is available. It reportedly works against Windows NT 4.0, Windows 2000, Windows 2000 SP1 - SP4, Windows XP, and Windows XP SP1. It may result in a denial-of-service condition for Windows XP SP2 and Windows 2003 SP1.

A version of the Metasploit module has been ported to C and is available.

An additional exploit by ub3r st4r is available.

/data/vulnerabilities/exploits/ms06_040_remote_overflow_082706.txt
/data/vulnerabilities/exploits/netapi_win2003.pm
/data/vulnerabilities/exploits/netapi_ms06_040.pm
/data/vulnerabilities/exploits/netapi_ms06_040.c