nslookup on Microsoft Windows XP SP2 suffers from a crash vulnerability.
81df40ba25940078b3f2290974759e12a4c064f338d488d72b7972373b0e1ceb
+==========================================================================+
+ Microsoft Windows XP SP2 , nslookup APP +
+==========================================================================+
Author(s): Ivan Sanchez
Product: nslookup.exe APP
Web: http://www.microsoft.com
Versions Affected:
------------------
Module Information:
Microsoft Corporation
C:\WINDOWS\system32\nslookup.exe
File Description: nslookup APP
File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Sistema operativo Microsoft® Windows® Product Version: 5.1.2600.2180
Operating System Affected:
--------------------------
Microsoft Windows XP Professional Version 5.1.2600 Service Pack 2
Date: 09/08/2008
-----
Description:
------------
Microsoft Windows XP SP2 , nslookup APP
A vulnerability has been reported in Microsoft Windows " NSLOOKUP APP, which can be exploited by malicious people to compromise the system.
The vulnerability is caused due to an unspecified error when parsing malformed functions.
This can be exploited to corrupt memory via a specially crafted function.
Successful exploitation allows execution of arbitrary code.
NOTE: The vulnerability is currently being actively exploited.
EXPLOIT:
--------
Download video of proof:
http://www.nullcode.com.ar/ncs/crash/nsloo.htm
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
+==========================================================================+
+ Microsoft Windows XP SP2 , nslookup APP +
+==========================================================================+