Exploit para WINS

noviembre 29th, 2004

Desde Security-Protocols

Un bug en el servicio de resolución de nombres de Windows permite a un atacante ejecutar código en nuestro ordenador. Lo mejor para protegernos, hasta que salga el correspondiente parche, es no tener este puerto  accesible al exterior.

WINS Replication Remote Vulnerability

WINS is «a Microsoft NetBIOS name server, that basically eliminates the need for broadcast packet to resolve a NetBIOS computer name to an IP address».

 WINS has a feature called WINS replication, where one or more WINS servers exchange information with each other about the computers on their respective networks. WINS replication is done on TCP port 42 using a Microsoft proprietary protocol. During this protocol flow, a memory pointer is sent from server to client, and the client uses that to talk with the server. If a special crafted packet is sent to the server, an attacker can control the pointer and can make it point to an attacker-controlled buffer and eventually write 16 bytes at any location.


Guardado en Nota | Comentarios desactivados en Exploit para WINS

Los comentarios están cerrados.