Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 MS-RPC:OF:WKST-SVC-BO

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 MS-RPC

Keywords

 DCE-RPC Windows Workstation Service Remote Buffer Overflow

Release Date

 2003/11/12

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

MS-RPC: DCE-RPC Windows Workstation Service Remote Buffer Overflow


This signature detects attempts to exploit a known vulnerability against Windows Workstation Service. A successful attack can lead to arbitrary code execution.

Extended Description

It has been reported that Microsoft Windows Workstation (WKSSVC.DLL) service is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable host. The problem is in the handling of requests by the Workstation Service. The Workstation Service does not properly check bounds on remote data therefore making it possible to overwrite sensitive regions of system memory.

Affected Products

  • Cisco Broadband Troubleshooter
  • Cisco Building Broadband Service Manager (BBSM) 2.5.1
  • Cisco Building Broadband Service Manager (BBSM) 3.0.0
  • Cisco Building Broadband Service Manager (BBSM) 4.0.1
  • Cisco Building Broadband Service Manager (BBSM) 4.2.0
  • Cisco Building Broadband Service Manager (BBSM) 4.3.0
  • Cisco Building Broadband Service Manager (BBSM) 4.4.0
  • Cisco Building Broadband Service Manager (BBSM) 4.5.0
  • Cisco Building Broadband Service Manager (BBSM) 5.0.0
  • Cisco Building Broadband Service Manager (BBSM) 5.1.0
  • Cisco Building BroadBand Service Manager Hotspot 1.0.0
  • Cisco Call Manager 1.0.0
  • Cisco Call Manager 2.0.0
  • Cisco Call Manager 3.0.0
  • Cisco Call Manager 3.1.0
  • Cisco Call Manager 3.1.0 (2)
  • Cisco Call Manager 3.1.0 (3a)
  • Cisco Call Manager 3.2.0
  • Cisco Call Manager 3.3.0
  • Cisco Call Manager 3.3.0 (3)
  • Cisco Call Manager 4.0.0
  • Cisco Call Manager
  • Cisco CiscoWorks VPN/Security Management Solution
  • Cisco Collaboration Server
  • Cisco Conference Connection 1.1.0 (1)
  • Cisco Conference Connection 1.2.0
  • Cisco Conference Connection
  • Cisco Customer Response Application Server
  • Cisco DOCSIS CPE Configurator
  • Cisco Dynamic Content Adapter
  • Cisco E-Mail Manager
  • Cisco Intelligent Contact Manager 5.0.0
  • Cisco Intelligent Contact Manager
  • Cisco Internet Service Node
  • Cisco IP Call Center Express (IPCC Express) Enhanced 3.0.0
  • Cisco IP Call Center Express (IPCC Express) Standard 3.0.0
  • Cisco IP Telephony Environment Monitor
  • Cisco IP/TV Server
  • Cisco IP/VC 3540 Application Server
  • Cisco IP/VC 3540 Video Rate Matching Module
  • Cisco Lan Management Solution
  • Cisco Media Blender
  • Cisco Networking Services for Active Directory
  • Cisco Network Registar
  • Cisco Personal Assistant 1.3.0 (1)
  • Cisco Personal Assistant 1.3.0 (2)
  • Cisco Personal Assistant 1.3.0 (3)
  • Cisco Personal Assistant 1.3.0 (4)
  • Cisco Personal Assistant 1.4.0 (1)
  • Cisco Personal Assistant 1.4.0 (2)
  • Cisco Personal Assistant
  • Cisco QoS Policy Manager
  • Cisco Routed Wan Management
  • Cisco Secure Access Control Server 3.2.0 (1.20)
  • Cisco Secure Access Control Server 3.2.1
  • Cisco Secure Access Control Server 3.2.2
  • Cisco Secure Access Control Server
  • Cisco Secure Policy Manager 3.0.1
  • Cisco Secure Scanner
  • Cisco Service Management
  • Cisco Small Network Management Solution
  • Cisco SN 5420 Storage Router 1.1.0 (2)
  • Cisco SN 5420 Storage Router 1.1.0 (3)
  • Cisco SN 5420 Storage Router 1.1.0 (4)
  • Cisco SN 5420 Storage Router 1.1.0 (5)
  • Cisco SN 5420 Storage Router 1.1.0 (7)
  • Cisco SN 5420 Storage Router 1.1.3
  • Cisco SN 5428 Storage Router SN5428-2-3.3.1-K9
  • Cisco SN 5428 Storage Router SN5428-2-3.3.2-K9
  • Cisco SN 5428 Storage Router SN5428-2.5.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.2.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.2.2-K9
  • Cisco SN 5428 Storage Router SN5428-3.3.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.3.2-K9
  • Cisco Trailhead
  • Cisco Transport Manager
  • Cisco Unity Server 2.0.0
  • Cisco Unity Server 2.1.0
  • Cisco Unity Server 2.2.0
  • Cisco Unity Server 2.3.0
  • Cisco Unity Server 2.4.0
  • Cisco Unity Server 2.46.0
  • Cisco Unity Server 3.0.0
  • Cisco Unity Server 3.1.0
  • Cisco Unity Server 3.2.0
  • Cisco Unity Server 3.3.0
  • Cisco Unity Server 4.0.0
  • Cisco Unity Server
  • Cisco uOne Enterprise Edition
  • Cisco User Registration Tool
  • Cisco Voice Manager
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server SP1
  • Microsoft Windows 2000 Datacenter Server SP2
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP 64-bit Edition SP1
  • Microsoft Windows XP 64-bit Edition
  • Microsoft Windows XP Home SP1
  • Microsoft Windows XP Home
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Professional SP1
  • Microsoft Windows XP Professional

References

  • BugTraq: 9011
  • CVE: CVE-2004-0214
  • CVE: CVE-2011-4620
  • CVE: CVE-2009-1544

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out