The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer weakness note CVE-2006-3439

Windows: buffer overflow of server service via RPC

Synthesis of the vulnerability

An attacker can send a malicious RPC message in order to execute code on system.
Severity of this computer vulnerability: 3/4.
Creation date: 09/08/2006.
Revisions dates: 10/08/2006, 28/08/2006, 01/09/2006, 13/09/2006.
Références of this announce: 232, 70997, 921883, BID-19409, CERTA-2006-AVI-338, CVE-2006-3439, MS06-040, VIGILANCE-VUL-6064, VU#650769.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The server service provides the RPC feature (Remote Procedure Call), which is available via SMB/CIFS.

An attacker can create a RPC message leading to an overflow in the server service.

This vulnerability permits a remote attacker to execute code on system.
Full Vigil@nce bulletin... (Free trial)

This security bulletin impacts software or systems such as Windows 2000, Windows 2003, Windows NT, Windows XP.

Our Vigil@nce team determined that the severity of this cybersecurity announce is important.

The trust level is of type confirmed by the editor, with an origin of intranet client.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this vulnerability alert.

Solutions for this threat

Windows: patch for server service.
A patch is available:
Microsoft Windows 2000 SP4
Microsoft Windows XP SP1, SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Gold, SP1
Microsoft Windows Server 2003 Itanium Gold, SP1
Microsoft Windows Server 2003 x64 Edition
A workaround is to block 139/tcp and 445/tcp ports.
Cisco's announce indicates how to configure their devices to protect against attacks.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a systems vulnerabilities patch. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce vulnerability database contains several thousand vulnerabilities.