MS-RPC: Windows Messenger Pop-Up
This signature detects attempts to send pop-up messages using the Windows Messenger service. Spammers can use this service to send unsolicited messages to Windows users. However, because pop-up windows can also be used for valid administrative notices, this signature might detect non-malicious activity.
Extended Description
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Affected Products
Microsoft windows_2000
References
BugTraq: 8826
CVE: CVE-2003-0717
URL: http://support.microsoft.com/default.aspx?scid=KB;EN-US;168893&
Short Name
MS-RPC:MESSENGER-POPUP
Severity
Minor
Recommended
False
Recommended Action
None
Category
MS-RPC
Keywords
CVE-2003-0717 Messenger Pop-Up Windows bid:8826
Release Date
09/30/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Occasionally
Vendors
Microsoft
CVSS Score
7.5