Alias(es)Tag.TLSv1.IMAP.993, Tag.SSLv2.IMAP.993, Tag.SSLv3.IMAP.993, Tag.TLSv1.POP3.995, Tag.SSLv2.POP3.995, Tag.SSLv3.POP3.995, Tag.TLSv1.SMTP.465, Tag.SSLv2.SMTP.465, Tag.SSLv3.SMTP.465, Tag.TLSv1.Web.443, Tag.SSLv2.Web.443, Tag.SSLv3.Web.443, SSL.PCT.Overflow.Web.443, SSL.PCT.Overflow.POP3.995, SSL.PCT.Overflow.IMAP.993, SSL.PCT.Overflow.SMTP.465 |
Release DateDec 16, 2005 |
Severityhigh |
ImpactSystem compromise: Remote code execution. |
DescriptionThis indicates an attempt to exploit a buffer-overflow vulnerability in the Microsoft Secure Sockets Layer(SSL) library.Due to inadequate input validation in the Private Communications Transport(PCT) protocol implementation of the Microsoft Secure Sockets Layer(SSL) library, a remote attacker can execute arbitrary code on a target system via a carefully constructed PCT 1.0 handshake packet. |
Affected ProductsMicrosoft Windows NT 4.0 SP6aMicrosoft Windows 2000 SP2 through SP4 Microsoft Windows XP SP1 Microsoft Windows Server 2003 Microsoft NetMeeting Microsoft Windows 98 Microsoft Windows ME |
Recommended ActionsApply the appropriate patches from Microsoft or upgrade the system to the latest non-vulnerable version. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2003-0719 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/MS04-011.mspx (MS-ID)http://www.us-cert.gov/cas/techalerts/TA04-104A.html http://www.securityfocus.com/bid/10116 (BugTraq) http://www.kb.cert.org/vuls/id/586540 |
