WindowsXP exploit

Printable View

April 19th, 2002, 11:22 AM
Cojonudo

WindowsXP exploit

First up, the MUP (Multiple UNC Provider) in Windows NT, 2K and XP contains an unchecked buffer which can be exploited to escalate user privileges, making it possible for an attacker to run arbitrary code at the OS level.

UNC refers to the Universal Naming Convention, with which shares are identified. MUP is a Windows service which locates UNC resources. In this case, MUP file requests are stored in two buffers. The first is checked properly, but "MUP stores a second copy of the file request when it sends this request to a redirector," MS says. The second buffer is not adequately checked, and is therefore susceptible to a buffer overflow attack.
April 19th, 2002, 12:00 PM
ac1dsp3ctrum

Did Microsoft release a patch to this exploit yet?
April 19th, 2002, 12:12 PM
preacherman481

Here is the page where you can get the patch. http://www.microsoft.com/security/se...s02018_iis.asp

I don't think this applies to the home version of Windows XP though. Looks like it only applies to people running IIS to use their box as a server.
April 19th, 2002, 01:06 PM
Cojonudo

I think so, it only applyes to the Pro edition.
By the way, I have a problem with the Home edition which I have just posted somewhere else.
Can you help?