Release DateOct 26, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a Buffer Overrun vulnerability in Microsoft's Local Security Authority Subsystem Service (LSASS).LSASS is a Windows security and authentication interface. Due to inadequate boundary checking, an attacker can send a specially crafted message to a target computer to execute arbitrary code. |
Affected ProductsMicrosoft Windows 2000, 2003 and XP. |
Recommended ActionsApply the patch, available from the web site:http://www.microsoft.com/technet/security/Bulletin/MS04-011.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2003-0533 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/MS04-011.mspx (MS-ID)http://www.securityfocus.com/bid/10108 (BugTraq) |
