APP: Kerberos Microsoft ASN.1 Library Bit String Heap Corruption

This signature detects attempts to exploit a known vulnerability in the ASN.1 library used by a Microsoft Kerberos server. An attacker can send a malicious request to a Kerberos server, which can result in arbitrary code execution.

Extended Description

Multiple integer overflows in the Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.

Affected Products

Microsoft windows_2000

Short Name
APP:KERBEROS:MS-KERB-ASN-BIT
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
ASN.1 Bit CVE-2003-0818 Corruption Heap Kerberos Library Microsoft String bid:9633
Release Date
02/11/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
Port
UDP/88
False Positive
Unknown
Vendors

Microsoft

CVSS Score

7.5
