AnsweredAssumed Answered

Microsoft Windows Browser Election Heap Overflow Vulnerability - Zero Day

Question asked by zentiva on Apr 19, 2011
Latest reply on Apr 20, 2011 by amolsarwate

Hello,


Does anyone have experience with this vulnerability? I know that this is a "zero day" vulnerability, Microsoft has yet to release a patch. But what can we do about it?


M.

 

 

 

(severity 3) Microsoft Windows Browser Election Heap Overflow Vulnerability - Zero Day

 

QID: 90687
Category: Windows
CVE ID: CVE-2011-0654
Vendor Reference: -
Bugtraq ID: -
Service Modified: 02/19/2011
User Modified: -
Edited: No
PCI Vuln: No

 

THREAT:
Microsoft Active Directory is an LDAP (Lightweight Directory Access Protocol) implementation distributed with multiple Windows operating systems.
Active Directory is prone to a remote heap-based buffer overflow vulnerability because the application fails to perform adequate boundary checks on
user-supplied data. This issue occurs when handling malformed election datagram packets sent to a computer when electing a new master browser.

 

Affected Systems:
Microsoft Windows Server 2003 Service Pack 2 is confirmed affected. Other systems might also be vulnerable

 

IMPACT:
Successfully exploiting this vulnerability might allow a remote attacker to cause denial of service. Remote code execution might also be possible.

 

SOLUTION:
There are no vendor-supplied patches available at this time.

 

COMPLIANCE:
Not Applicable

 

EXPLOITABILITY:

 

Metasploit
  Reference: CVE-2011-0654
  Description: MODULE USAGE - Metasploit Ref : /modules/auxiliary/dos/windows/smb/ms11_xxx_electbowser
  Link: http://www.metasploit.com/modules/auxiliary/dos/windows/smb/ms11_xxx_electbowser

 

The Exploit-DB
  Reference: CVE-2011-0654
  Description: MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow - The Exploit-DB Ref : 16166
  Link: http://www.exploit-db.com/exploits/16166

 

ASSOCIATED MALWARE:
There is no malware information for this vulnerability.

 

RESULTS:
Microsoft Windows BROWSER Election Heap Overflow Vulnerability.

Outcomes