April 19th, 2002, 11:22 AM
First up, the MUP (Multiple UNC Provider) in Windows NT, 2K and XP contains an unchecked buffer which can be exploited to escalate user privileges, making it possible for an attacker to run arbitrary code at the OS level.
UNC refers to the Universal Naming Convention, with which shares are identified. MUP is a Windows service which locates UNC resources. In this case, MUP file requests are stored in two buffers. The first is checked properly, but "MUP stores a second copy of the file request when it sends this request to a redirector," MS says. The second buffer is not adequately checked, and is therefore susceptible to a buffer overflow attack.
April 19th, 2002, 12:00 PM
Did Microsoft release a patch to this exploit yet?
April 19th, 2002, 12:12 PM
Here is the page where you can get the patch. http://www.microsoft.com/security/se...s02018_iis.asp
I don't think this applies to the home version of Windows XP though. Looks like it only applies to people running IIS to use their box as a server.
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
April 19th, 2002, 01:06 PM
I think so, it only applyes to the Pro edition.
By the way, I have a problem with the Home edition which I have just posted somewhere else.
Can you help?