| Definition Id: oval:org.mitre.oval:def:331 |
Date: 2004-09-13 |
| Title: |
Windows XP Workstation Service Logging Function Buffer Overflow |
| Description: |
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API. |
| Version: |
2 |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-0812
|
| Family: |
windows |
| Platform(s): |
Microsoft Windows XP |
Product(s): |
Microsoft Windows Workstation Service |
| Definition Synopsis: |
- Software section
- a vulnerable version of wkssvc.dll exists
- no service pack is installed and wkssvc.dll is less than 5.1.2600.120
- OR service pack 1 is installed and wkssvc.dll is less than 5.1.2600.1301
- AND NOT the patch q828035 is installed (Hotfix key)
- AND Windows XP (sp1 or earlier) is installed
- AND Configuration section
|
