Does anyone have experience with this vulnerability? I know that this is a "zero day" vulnerability, Microsoft has yet to release a patch. But what can we do about it?
(severity 3) Microsoft Windows Browser Election Heap Overflow Vulnerability - Zero Day
CVE ID: CVE-2011-0654
Vendor Reference: -
Bugtraq ID: -
Service Modified: 02/19/2011
User Modified: -
PCI Vuln: No
Microsoft Active Directory is an LDAP (Lightweight Directory Access Protocol) implementation distributed with multiple Windows operating systems.
Active Directory is prone to a remote heap-based buffer overflow vulnerability because the application fails to perform adequate boundary checks on
user-supplied data. This issue occurs when handling malformed election datagram packets sent to a computer when electing a new master browser.
Microsoft Windows Server 2003 Service Pack 2 is confirmed affected. Other systems might also be vulnerable
Successfully exploiting this vulnerability might allow a remote attacker to cause denial of service. Remote code execution might also be possible.
There are no vendor-supplied patches available at this time.
Description: MODULE USAGE - Metasploit Ref : /modules/auxiliary/dos/windows/smb/ms11_xxx_electbowser
Description: MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow - The Exploit-DB Ref : 16166
There is no malware information for this vulnerability.
Microsoft Windows BROWSER Election Heap Overflow Vulnerability.