what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

mb-ms.txt

mb-ms.txt
Posted Dec 27, 2006
Authored by 3APA3A

Microsoft Windows XP/2003/Vista suffers from a memory corruption flaw.

tags | advisory
systems | windows
SHA-256 | 705bd57347d0e6a7a932a0cbc5376bb71bc6bb86572f00fc641439dee19e2f8e

mb-ms.txt

Change Mirror Download
Dear full-disclosure@lists.grok.org.uk,

Since it's already wide spread on the public forums and exploit is
published on multiple sites and there is no way to stop it, I think
it's time to alert lists about this.

On the one of Russian forums:
http://www.kuban.ru/forum_new/forum2/files/19124.html
message was published by NULL about vulnerability in Windows on
processing MessageBox() with MB_SERVICE_NOTIFICATION flag and
message/caption beggining with \??\. Vulnerability seems to be memory
corruption in kernel and causes system crash or hang after few
attempts. It seems to happen because message is logged to event log
and may point to some problem with event logs processing.

Vulnerability details and code may be found here:
http://www.security.nnov.ru/Gnews944.html

There is potential remote exploitation vector if some service uses
user-supplied input for MessageBox() function. Messenger service is
not vulnerable in this way, because it prepends user-supplied input
with additional string.

I contacted Microsoft on this issue on December, 16.

--
http://www.security.nnov.ru
/\_/\
{ , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
|/

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close