1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unchecked Buffer in Locator Service Could Lead to Code Execution: Jan 22

Discussion in 'Windows XP' started by eddie5659, Jan 22, 2003.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,777
    Hiya

    The Microsoft Locator service is a name service that maps logical
    names to network-specific names. It ships with Windows NT 4.0,
    Windows 2000, and Windows XP. By default, the Locator service is
    enabled only on Windows 2000 domain controllers and Windows NT 4.0
    domain controllers; it is not enabled on Windows NT 4.0 workstations
    or member servers, Windows 2000 workstations or member servers,
    or Windows XP.

    A security vulnerability results from an unchecked buffer in the
    Locator service. By sending a specially malformed request to the
    Locator service, an attacker could cause the Locator service to
    fail, or to run code of the attacker's choice on the system.

    Mitigating Factors:
    ====================
    - The Locator service is not enabled by default on any affected
    versions of Windows with the exception of Windows 2000 domain
    controllers and Windows NT 4.0 domain controllers.

    - A properly-configured firewall would block the calls to the
    Locator service, which would protect an affected machine from
    an Internet-based attack.


    Maximum Severity Rating: Critical

    Affected Software:

    Microsoft Windows NT 4.0
    Microsoft Windows NT 4.0, Terminal Server Edition
    Microsoft Windows 2000
    Microsoft Windows XP


    Download locations for this patch

    Windows NT 4.0:

    All except Japanese NEC and Chinese - Hong Kong

    Japanese NEC

    Chinese - Hong Kong

    Windows NT 4.0, Terminal Server Edition:


    ALL

    Windows 2000:

    All except Japanese NEC

    Japanese NEC

    Windows XP:

    32-bit Edition

    64-bit Edition

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-001.asp

    Regards

    eddie
     
    eddie5659, Jan 22, 2003
    #1
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/114826

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice