Windows LSASS buffer overflow

Added: 04/04/2006
CVE: CVE-2003-0533
BID: 10108
OSVDB: 5248

Background

The Local Security Authority Subsystem Service (LSASS) provides an interface for managing local security, domain authentication, and Active Directory processes.

Problem

A buffer overflow in the DsRolepInitializeLog function in the Windows LSASS service allows remote command execution.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 04-011.

References

http://www.kb.cert.org/vuls/id/753212

Limitations

This exploit may cause the target system to crash.

Platforms

Windows 2000
Windows XP

Back to exploit index