MajorRev: Microsoft Security Bulletin MS03-043 - Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 10/30/03

  • Next message: Firstname Lastname: "FW: Server problems caused by the application of a Microsoft Secu rity Patch" 
    Date:         Thu, 30 Oct 2003 16:04:46 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Reason for Revision:
    V2.0 October 29, 2003: A revised version of the security patch for
    Windows 2000, Windows XP, and Windows Server 2003 has been released to
    correct the issue documented by Knowledge Base Article 830846.

    Microsoft Security Bulletin MS03-043:
    Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

    Bulletin URL:
    http://www.microsoft.com/technet/security/bulletin/MS03-043.asp

    Summary:
      Version Number: V2.0
      Revision Date: 10-29-2003
      Impact of Vulnerability: Remote Code Execution
      Maximum Severity Rating: Critical
      Patch(es) Replaced: None
      Caveats: None
      CVE Number(s): CAN-2003-0717

    Tested Software:
      Affected Software:
      * Microsoft Windows NT Workstation 4.0, Service Pack 6a
    <http://www.ntbugtraq.com/link/7597FCF4-6615-4074-9E46-A17D808ED38D.asp>
      * Microsoft Windows NT Server 4.0, Service Pack 6a
    <http://www.ntbugtraq.com/link/B1949456-996A-485A-9A28-79FD79F26A1B.asp>
      * Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
    Pack 6
    <http://www.ntbugtraq.com/link/64AB4B66-1A6E-4264-93A8-26CDB98B05A8.asp>
      * Microsoft Windows 2000, Service Pack 2, Service Pack 3, Service Pack
    4 - <A
    HREF="http://www.microsoft.com/downloads/details.aspx?FamilyId=99F1B40D-
    906A-4945-A021-4B494CCCBDE0&displaylang=en">Download the
    patch</A></LI><LI>Microsoft Windows XP Gold, Service Pack 1
    <http://www.ntbugtraq.com/link/F02DA309-4B0A-4438-A0B9-5B67414C3833.asp>
      * Microsoft Windows XP 64-bit Edition
    <http://www.ntbugtraq.com/link/2BE95254-4C65-4CA5-80A5-55FDF5AA2296.asp>
      * Microsoft Windows XP 64-bit Edition Version 2003
    <http://www.ntbugtraq.com/link/8B990946-84C8-4C91-899C-5A44EC13174E.asp>
      * Microsoft Windows Server 2003
    <http://www.ntbugtraq.com/link/1DF106F3-7EC4-4EB0-9143-C1E3C9E2F5F8.asp>
      * Microsoft Windows Server 2003 64-bit Edition
    <http://www.ntbugtraq.com/link/8B990946-84C8-4C91-899C-5A44EC13174E.asp>

      Software Not Affected:
      * Microsoft Windows Millennium Edition

    This email is sent to NTBugtraq automatically as a service to my
    subscribers. (v2.0)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    -----
    Marcus Ranum's new book "The Myth of Homeland Security" is now out and
    is available from http://www.amazon.com/ranum In this hard-hitting
    review of the homeland security business, Ranum shows us how the problem
    is vastly harder than it's being made to sound, and how special
    interests, *** covering, and bureaucracy are threatening to derail any
    chance of making progress.
    -----

  • Next message: Firstname Lastname: "FW: Server problems caused by the application of a Microsoft Secu rity Patch"