Results 1 to 3 of 3

Thread: Microsoft SNMP Patch (Version 4!!)

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001

    Microsoft SNMP Patch (Version 4!!)

    - ----------------------------------------------------------------------
    - - -
    Title: Unchecked Buffer in SNMP Service Could Enable Arbitrary
    Code to be Run
    Released: 12 February 2002
    Revised: 11 March 2002 (Version 4.0)
    Software: Microsoft Windows 95, 98, 98SE, NT 4.0, NT 4.0 Terminal
    Server Edition, 2000, XP
    Impact: Denial of Service, potentially run code of
    attacker's choice
    Max Risk: Moderate
    Bulletin: MS02-006

    Microsoft encourages customers to review the Security Bulletin at:
    - -
    - ----------------------------------------------------------------------

    Reason for Revision:
    On March 11, 2002, Microsoft released an updated version of the
    bulletin annoucing the availability of a patch for Windows NT 4.0
    Terminal Server Edition and to advise customers that the work-around
    procedure is no longer needed for that platform. Patches for
    additional platforms are forthcoming and this bulletin will be
    re-released to annouce their availability.


    Simple Network Management Protocol (SNMP) is an Internet standard
    protocol for managing disparate network devices such as firewalls,
    computers, and routers. All versions of Windows except Windows ME
    provide an SNMP implementation, which is neither installed nor
    running by default in any version.

    A buffer overrun is present in all implementations. By sending a
    specially malformed management request to a system running an
    affected version of the SNMP service, an attacker could cause a
    denial of service. In addition, it is possible that he cause code
    to run on the system in LocalSystem context. This could
    potentially give the attacker the ability to take any desired
    action on the system.

    A patch is under development to eliminate the vulnerability.
    In the meantime, Microsoft recommends that customers who use the
    SNMP service disable it temporarily. Patches will be available
    shortly, at which time we will re-release this bulletin with
    updated details.

    Mitigating Factors:
    - The SNMP service is neither installed nor running by default
    in any version of Windows.

    - Standard firewalling practices recommend blocking the port
    over which SNMP operates (UDP ports 161 and 162). If these
    recommendations have been followed, the vulnerability could
    only be exploited by an intranet user.

    - Standard security recommendations recommend against using SNMP
    except on trusted networks, as the protocol, by design,
    provides minimal security.

    Risk Rating:
    - Internet systems: Low
    - Intranet systems: Moderate
    - Client systems: Moderate

    Patch Availability:
    - A patch is available to fix this vulnerability for WIndows XP,
    Windows 2000, WIndows NT 4.0, and Windows NT 4.0 Terminal
    Server Edition. Please read the Security Bulletin at
    for information on obtaining this patch.

    - Patches for other platforms are under development and will be
    available shortly. When this happens, we will re-release this
    bulletin with information on how to obtain and install these

    - -
    - ---------------------------------------------------------------------
    -Simon \"SDK\"

  2. #2
    Join Date
    Oct 2001
    Hehe, Are we supposed to be surprised that it took M$ 4 versions of a patch to fix a vulnerability? Nahhhh, hopefully this one will fix it

  3. #3
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    I like the fact they went through four versions in just one month.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts