Alert: Microsoft Security Bulletin MS04-043 - Vulnerability in HyperTerminal Could Allow Code Execution (873339)

From: Russ Cooper (Russ.Cooper_at_TRUSECURE.CA)
Date: 12/14/04

  • Next message: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)"
    Date:         Tue, 14 Dec 2004 13:26:35 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft Security Bulletin MS04-043:
    Vulnerability in HyperTerminal Could Allow Code Execution (873339)

    Bulletin URL:
    <http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx>

    Version Number: 1.0
    Issued Date: Tuesday, December 14, 2004
    Impact of Vulnerability: Remote Code Execution
    Maximum Severity Rating: Important
    Patch(es) Replaced: None
    Caveats: None

    Tested Software:
    Affected Software:
    ------------------
    * Microsoft Windows NT Server 4.0 Service Pack 6a
    <http://tinyurl.com/5pb4h>
    * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    <http://tinyurl.com/3pmln>
    * Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    <http://tinyurl.com/6e79q>
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    <http://tinyurl.com/5wks9>
    * Microsoft Windows XP 64-Bit Edition Service Pack 1
    <http://tinyurl.com/5edyt>
    * Microsoft Windows XP 64-Bit Edition Version 2003
    <http://tinyurl.com/43kob>
    * Microsoft Windows Server 2003
    <http://tinyurl.com/5swgd>
    * Microsoft Windows Server 2003 64-Bit Edition
    <http://tinyurl.com/43kob>

    Technical Description:
    ----------------------
    * HyperTerminal Vulnerability - CAN-2004-0568: A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun. An attacker could exploit the vulnerability by constructing a malicious HyperTerminal session file that could potentially allow remote code execution. An attacker could then persuade a user to open this file. This vulnerability could attempt to be exploited through a malicious Telnet URL if HyperTerminal has been set as the default Telnet client. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability

    This email is sent to NTBugtraq automagically as a service to my subscribers. (v4.01.1796.25439)

    Cheers,
    Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

    --
    Editor's Note: The 43rd Most Powerful Person in Networking says...
    Register today to take the TruSecure ICSA exam by 12/31/04  at
    <http://www.2test.com> ,  use promo code "CT1204" and you will pay just
    $221.25 US Dollars for domestic exam delivery and  $296.25 US Dollars
    for international delivery.
    Visit <https://ticsa.trusecure.com>  for complete details regarding the
    TICSA credential and to take the free sample exam.
    --
    

  • Next message: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)"

    Relevant Pages

    • Cisco Security Response: Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability
      ... remote users that establish sessions with our corporate network. ... Microsoft Windows 2000 Service Pack 4 ... Microsoft Windows Server 2003 Service Pack 1 ...
      (Pen-Test)
    • <<< Small Biz Server this week July 18th 2004 >>>
      ... discovered vulnerabilities in Microsoft Windows. ... - Microsoft Windows NT Workstation 4.0 Service Pack 6a ... - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ... Restart required: In some cases, this update does not require a ...
      (microsoft.public.backoffice.smallbiz2000)
    • <<< Small Biz Server this week July 18th 2004 >>>
      ... discovered vulnerabilities in Microsoft Windows. ... - Microsoft Windows NT Workstation 4.0 Service Pack 6a ... - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ... Restart required: In some cases, this update does not require a ...
      (microsoft.public.windows.server.sbs)
    • <<< Small Biz Server this week July 18th 2004 >>>
      ... discovered vulnerabilities in Microsoft Windows. ... - Microsoft Windows NT Workstation 4.0 Service Pack 6a ... - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ... Restart required: In some cases, this update does not require a ...
      (microsoft.public.backoffice.smallbiz)
    • Critical Product Vulnerability - January 2005 Microsoft Security Bulletin Release
      ... - Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ... - Microsoft Windows Server 2003 64-Bit Edition ... Terminal Server Edition Service Pack 6 ...
      (microsoft.public.de.security.netzwerk.sicherheit)