High Risk Vulnerability in Microsoft Windows DNS Resolution
August 8th, 2006Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability
in one of the components utilised by Winsock during the hostname resolution
process.
The vulnerability is present in one of the helper components which is
invoked when performing a hostname look-up on a hostname matching a specific
format and can lead to a buffer overrun condition which can be exploited
through a wide variety of applications, both client and server in nature -
as a result of which the attack vector could vary greatly from target to
target.
This vulnerability affects Windows 2000 SP4, Windows XP SP2 and Windows 2003
Server SP1.
This issue has been resolved in the Microsoft security bulletin MS06-041
which can be downloaded from:
http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx
NGSSoftware are going to withhold details of this flaw for three months.
Full details will be published on the 8th November 2006. This three month
window will allow users of Microsoft Windows the time needed to apply the
patch before the details are released to the general public. This reflects
NGSSoftware’s approach to responsible disclosure.
NGSSoftware Insight Security Research
http://www.ngssoftware.com
http://www.databasesecurity.com/
http://www.nextgenss.com/
+44(0)208 401 0070
