This Metasploit module exploits a stack buffer overflow in the Windows Media Unicast Service version 4.1.0.3930 (NUMS.exe). By sending a specially crafted FunnelConnect request, an attacker can execute arbitrary code under the "NetShowServices" user account. Windows Media Services 4.1 ships with Windows 2000 Server, but is not installed by default. NOTE: This service does NOT restart automatically. Successful, as well as unsuccessful exploitation attempts will kill the service which prevents additional attempts.
4b384496a9fedaf168ba74cf8d8925d3e9590dc5accf8891f160d2def02e74d1Cert-Lexsi discovered a critical vulnerability in Windows Media Services 4.1. The vulnerability is a stack-based buffer overflow when handling a specially crafted MMS TRANSPORT_INFO packet. It could be exploited to execute arbitrary code with NetShowServices privileges (which belongs to the Administrators group).
6c6934ecec3aa784faf405de8dc5970d7a01d8d3b72f94d3ab7f14b371036d0e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed