Signature Detail

Short Name	APP:WSDAPI-OF
Severity	High
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	Microsoft Web Service on Devices Overflow
Release Date	2009/11/10
Update Number	1539
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Microsoft Web Service on Devices Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft Web Services on Devices (WSDAPI). A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

Affected Products

Microsoft Windows Server 2008 Datacenter Edition SP2
Microsoft Windows Server 2008 Datacenter Edition
Microsoft Windows Server 2008 Enterprise Edition SP2
Microsoft Windows Server 2008 Enterprise Edition
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for x64-based Systems
Microsoft Windows Server 2008 Standard Edition SP2
Microsoft Windows Server 2008 Standard Edition
Microsoft Windows Vista Business
Microsoft Windows Vista Business SP1
Microsoft Windows Vista Business SP2
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Enterprise SP1
Microsoft Windows Vista Enterprise SP2
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Home Basic SP1
Microsoft Windows Vista Home Basic SP2
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Premium SP1
Microsoft Windows Vista Home Premium SP2
Microsoft Windows Vista SP1
Microsoft Windows Vista SP2
Microsoft Windows Vista Ultimate
Microsoft Windows Vista Ultimate SP1
Microsoft Windows Vista Ultimate SP2
Microsoft Windows Vista
Microsoft Windows Vista Business 64-bit edition SP1
Microsoft Windows Vista Business 64-bit edition SP2
Microsoft Windows Vista Business 64-bit edition
Microsoft Windows Vista Enterprise 64-bit edition SP1
Microsoft Windows Vista Enterprise 64-bit edition SP2
Microsoft Windows Vista Enterprise 64-bit edition
Microsoft Windows Vista Home Basic 64-bit edition SP1
Microsoft Windows Vista Home Basic 64-bit edition SP2
Microsoft Windows Vista Home Basic 64-bit edition
Microsoft Windows Vista Home Premium 64-bit edition SP1
Microsoft Windows Vista Home Premium 64-bit edition SP2
Microsoft Windows Vista Home Premium 64-bit edition
Microsoft Windows Vista Ultimate 64-bit edition SP1
Microsoft Windows Vista Ultimate 64-bit edition SP2
Microsoft Windows Vista Ultimate 64-bit edition
Microsoft Windows Vista x64 Edition SP1
Microsoft Windows Vista x64 Edition SP2
Microsoft Windows Vista x64 Edition

References

BugTraq: 36919
CVE: CVE-2009-2512

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Microsoft Web Service on Devices Overflow

Extended Description

Affected Products

References