Vulnerability in the Microsoft Client Service for Netware (MS05-046)
| Attack ID: | CPAI-2005-138 |
 |
|
| Publish Date: | |
|
|
| Last Update: | |
|
|
| Category: | Remote Code Execution |
|
|
| Vulnerable Systems: | Windows 2000 Windows 2003 Windows NT4 Windows XP Windows XP SP2 |
|
|
| Source: | Microsoft Security Bulletin MS05-046 |
|
|
| Description: | Microsoft's Client Service for Netware provides connectivity infrastructure for Novel Netware systems. A buffer overflow vulnerability was detected in several Microsoft Windows operating systems that have Client Service for NetWare installed. |
|
|
| Severity: | |
| Details: | The vulnerability is due to a buffer overflow error in the Microsoft Client for Netware Service that does not properly handle specially crafted requests. |
|
|
| Attack Detection: | Users of VPN-1 NG with Application Intelligence R55W, users of VPN-1 NGX R60 and users of InterSpect will identify the attack by the following log entries: Attack Name: MS-RPC over CIFS violation Users of VPN-1 NG with Application Intelligence R55 will identify rule 99450 on the SmartView Tracker screen. |
|
|
| Solution: | Users of VPN-1 NG with Application Intelligence R55 and R55W, users of VPN-1 NGX R60 and users of InterSpect should update their SmartDefense by clicking Online Update (R55 - Update Now) in the SmartDashboard General window. To enable the protection: 3. Install security policy on all modules. |
|
|
| Industry Reference: | CAN-2005-1985 |
|
|
| Additional Information: | This update also includes: Microsoft DTC protection (MS05-051) - CPAI-2005-140 |
