Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
Informations
Name MS09-039 First vendor Publication 2009-08-11
Vendor Microsoft Last vendor Modification 2009-08-12
Severity (Vendor) Critical Revision 1.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.1 (August 12, 2009): Updated the Affected Software table to list KB961064 as the only KB replaced by this update in Microsoft Security Bulletin MS09-008Summary: This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS09-039.mspx

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6354
 
Oval ID: oval:org.mitre.oval:def:6354
Title: WINS Integer Overflow Vulnerability
Description: Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1924
Version: 1
Platform(s): Microsoft Windows 2000
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6410
 
Oval ID: oval:org.mitre.oval:def:6410
Title: WINS Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1923
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1
Os 3

ExploitDB Exploits

id Description
2003-10-09 MS Windows (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)

OpenVAS Exploits

Date Description
2009-08-13 Name : Microsoft Windows WINS Remote Code Execution Vulnerability (969883)
File : nvt/secpod_ms09-039.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56900 Microsoft Windows Internet Name Service (WINS) Network Packet Handling Remote...

56899 Microsoft Windows Internet Name Service (WINS) Push Request Handling Remote O...

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows WINS replication inform2 request memory corruption attempt
RuleID : 17721 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows WINS replication inform2 request memory corruption attempt
RuleID : 15849 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 WINS replication request memory corruption attempt
RuleID : 15848 - Revision : 7 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2009-08-12 Name : Arbitrary code can be executed on the remote host through the WINS service.
File : smb_nt_ms09-039.nasl - Type : ACT_GATHER_INFO
2009-08-12 Name : Arbitrary code can be executed on the remote host through the WINS service
File : wins_replication_overflow2.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:46:18
  • Multiple Updates
2014-01-19 21:30:21
  • Multiple Updates
2013-05-11 00:49:31
  • Multiple Updates