Microsoft WINS replication service pointer corruption

Added: 02/10/2006
CVE: CVE-2004-1080
BID: 11763
OSVDB: 12378

Background

The Windows Internet Naming Service (WINS) maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers.

Problem

The WINS replication protocol allows the client to modify the memory pointer which is used in the communication which follows, leading to command execution.

Resolution

Install the patch referenced in Microsoft Security Bulletin 04-045.

References

http://www.immunitysec.com/downloads/instantanea.pdf

Platforms

Windows

Back to exploit index