CERT Advisory CA-2003-28 - A specially crafted network message can trigger a buffer overflow in Microsoft's Workstation server. The vulnerability is caused by a flaw in the network management functions of the DCE/RPC service and a logging function implemented in Workstation Service (WKSSVC.DLL). Various RPC functions will permit the passing of long strings to the vsprintf() routine that is used to create log entries. The vsprintf() routine contains no bounds checking for parameters thus creating a buffer overflow situation.
979392a63ca9d86583ec3f6402dafeb1c0ea7237bc2af925d5f46a51e7c89a47