HOME > VULNERABILITIES NOTES


   VULNERABILITIES NOTES

CERT-In Vulnerability Note CIVN-2005-38
Vulnerability in Message Queuing Could Allow Code Execution

Original Issue Date: April 13, 2005

Severity Rating: Medium

Applications Affected

  • Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
  • Microsoft Windows 98 and Microsoft Windows 98 Second Edition (SE)

Overview

A remote code execution vulnerability exists in Message Queuing that could allow an attacker to take complete control of the affected system.

Description

Microsoft Message Queuing technology enables applications that are running at different times to communicate across heterogeneous networks and across systems that may be temporarily offline. An information disclosure vulnerability exists due to unchecked buffer in the Message Queuing component. An attacker could exploit this vulnerability by sending a specially crafted message to affected system. After successful exploitation the attacker could remotely read the user names of users who have an open connection to a shared resource. Also an attacker could try to exploit this vulnerability over the Internet by using RPC ports.

Workarounds

  • Block the following at the firewall:
    • UDP ports 135, 137, 138, 445, 1801, and 3527, and TCP ports 135, 139, 445, 593, 1801, 2101, 2103, 2105, and 2107
    • All unsolicited inbound traffic on ports greater than 1024
    • Any other specifically configured RPC port
  • Remove Message Queuing if not needed

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin MS05-017

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx

References

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx

CVE Reference:
CAN-2005-0059

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91 11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003