Signature Detail

SNMP: Microsoft Windows SNMP Service Memory Corruption

This anomaly triggers if the sensor detects an maliciously crafted SNMP GETBULK request. A successful attack can cause a denial-of-service condition and under some circumstances, allow execution of arbitrary code.

Extended Description

Microsoft Windows SNMP service is prone to a memory-corruption vulnerability because the software fails to properly bounds-check user-supplied network data before copying it to an insufficiently sized memory buffer. Exploiting this issue allows remote attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

Affected Products

• Avaya Agent Access
• Avaya Basic Call Management System Reporting Desktop server
• Avaya Basic Call Management System Reporting Desktop
• Avaya CMS Supervisor
• Avaya Computer Telephony
• Avaya Contact Center Express
• Avaya CVLAN
• Avaya Enterprise Management
• Avaya Integrated Management
• Avaya Interaction Center
• Avaya Interaction Center - Voice Quick Start
• Avaya IP Agent
• Avaya IP Softphone
• Avaya Modular Messaging (MAS)
• Avaya Network Reporting
• Avaya OctelAccess(r) Server
• Avaya OctelDesignerTM
• Avaya Operational Analyst
• Avaya Outbound Contact Management
• Avaya Speech Access
• Avaya Unified Communication Center
• Avaya Unified Messenger (r)
• Avaya Visual Messenger TM
• Avaya Visual Vector Client
• Avaya VPNmanagerTM Console
• Avaya Web Messenger
• HP Storage Management Appliance 2.1
• Microsoft Windows 2000 Advanced Server SP1
• Microsoft Windows 2000 Advanced Server SP2
• Microsoft Windows 2000 Advanced Server SP3
• Microsoft Windows 2000 Advanced Server SP4
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server SP1
• Microsoft Windows 2000 Datacenter Server SP2
• Microsoft Windows 2000 Datacenter Server SP3
• Microsoft Windows 2000 Datacenter Server SP4
• Microsoft Windows 2000 Datacenter Server
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP3
• Microsoft Windows 2000 Professional SP4
• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Server SP1
• Microsoft Windows 2000 Server SP2
• Microsoft Windows 2000 Server SP3
• Microsoft Windows 2000 Server SP4
• Microsoft Windows 2000 Server
• Microsoft Windows Server 2003 Datacenter Edition SP1
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Datacenter x64 Edition
• Microsoft Windows Server 2003 Enterprise Edition SP1
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Enterprise x64 Edition
• Microsoft Windows Server 2003 Standard Edition SP1
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Standard x64 Edition
• Microsoft Windows Server 2003 Web Edition SP1
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows XP
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Home
• Microsoft Windows XP Media Center Edition SP1
• Microsoft Windows XP Media Center Edition SP2
• Microsoft Windows XP Media Center Edition
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Tablet PC Edition SP1
• Microsoft Windows XP Tablet PC Edition SP2
• Microsoft Windows XP Tablet PC Edition

References

• BugTraq: 21537
• CVE: CVE-2006-5583
• URL: http://www.frsirt.com/english/advisories/2006/4967