Release DateNov 12, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer overflow vulnerability in Microsoft License Logging Server software.The vulnerability is caused by improper bounds checking when handling RPC packets. By sending a specially crafted RPC request to the RPC interface of the vulnerable software, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system. |
Affected ProductsMicrosoft Windows 2000 Server Service Pack 4 |
Recommended ActionsApply patch, available from the web site:http://www.microsoft.com/technet/security/Bulletin/ms09-064.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-2523 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/ms09-064.mspx (MS-ID) |
