SANS ISC: MS06-035 - Patch now! SANS ISC InfoSec Forums

MS06-035 - Patch now!
MS06-035 (CVE-2006-1314) looks to be the most dangerous of the
vulnerabilities announced this month, specifically the Mailslot heap overflow. 
The vulnerability can be exploited remotely against the "Server" service.
So this would definitely be something that could be used for
widespread compromise with no user interaction, or a worm.

Looks like Windows 2000 SP4 is vulnerable by default.  Windows XP SP2
and Server 2003 don't appear to be vulnerable with a default
installation unless services are listening on Mailslots.  At this
point, it is unclear exactly what software would enable Mailslots to
create a vulnerable condition.

So how long before exploit code is available?  Well, clever readers
will have noticed that Pedram Amini and H D Moore are credited with
discovering this vulnerability (the Mailslot heap overflow).  Those
guys are some of the best in the business, so you do the math...  I'm
guessing that they have had reliable exploit code working for a while
now.  (I can just see all the script kiddies hitting refresh every ten
seconds on

You should probably make this your top priority in patching.


Jul 11th 2006
