F-Secure
Tools
License Logging Server Heap Overflow Vulnerability
| Report ID: | SA200906001 |
| Source: | F-Secure |
| Date of Discovery: | 10.11.2009 |
| Criticality: | Critical |
| Affects: | Microsoft Windows 2000 Server Service Pack 4 |
| Compromise From: | From remote |
| Compromise Type: | System access |
Summary
A vulnerability has been reported to affect Microsoft Windows 2000 License Logging Server, which if exploited can allow an attacker to take complete control of the system.
Detailed Description
The vulnerability can be exploited by sending a specailly crafted network message to a machine running Microsoft Windows 2000 License Logging Server.
Solution
Apply patches.
Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=365a8dff-2383-42f6-b567-e545461fd135
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=365a8dff-2383-42f6-b567-e545461fd135
Original Reference
-