WindowsXP exploit
Results 1 to 4 of 4

Thread: WindowsXP exploit

  1. #1
    Junior Member
    Join Date
    Mar 2002
    Posts
    27

    WindowsXP exploit

    First up, the MUP (Multiple UNC Provider) in Windows NT, 2K and XP contains an unchecked buffer which can be exploited to escalate user privileges, making it possible for an attacker to run arbitrary code at the OS level.

    UNC refers to the Universal Naming Convention, with which shares are identified. MUP is a Windows service which locates UNC resources. In this case, MUP file requests are stored in two buffers. The first is checked properly, but "MUP stores a second copy of the file request when it sends this request to a redirector," MS says. The second buffer is not adequately checked, and is therefore susceptible to a buffer overflow attack.
    Cojunudo

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Did Microsoft release a patch to this exploit yet?

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    856
    Here is the page where you can get the patch. http://www.microsoft.com/security/se...s02018_iis.asp

    I don't think this applies to the home version of Windows XP though. Looks like it only applies to people running IIS to use their box as a server.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  4. #4
    Junior Member
    Join Date
    Mar 2002
    Posts
    27
    I think so, it only applyes to the Pro edition.
    By the way, I have a problem with the Home edition which I have just posted somewhere else.
    Can you help?
    Cojunudo

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •