MS-RPC: Microsoft Server Service Overflow (2)
This signature detects attempts to exploit a known vulnerability in the Microsoft Server service RPC. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Extended Description
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
Affected Products
Microsoft windows_2000
References
BugTraq: 19409
CVE: CVE-2006-3439
URL: http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx
Short Name
MS-RPC:OF:SRV-SVC-2
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
MS-RPC
Keywords
(2) CVE-2006-3439 Microsoft Overflow Server Service bid:19409
Release Date
08/08/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0