SMB: License Logging Service Vulnerability
This signature detects attempts to exploit a known vulnerability in the License Logging service. Attackers, sending a malformed network message, can gain complete control allowing them to remotely execute arbitrary code on the target system.
Extended Description
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."
Affected Products
Microsoft windows_2000
References
BugTraq: 12481
CVE: CVE-2005-0050
URL: http://www.microsoft.com/technet/security/Bulletin/MS05-010.mspx http://www.kb.cert.org/vuls/id/130433
Short Name
SMB:EXPLOIT:LLS-NAME
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
CVE-2005-0050 License Logging Service Vulnerability bid:12481
Release Date
02/08/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0