Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: MS06-040: Server Service SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-040: Server Service
MS06-040 - KB921883


This fixes a buffer overrun in the server service in Windows that allows for remote code execution.

The suggested workaround is to block port 139/tcp and 445/tcp with a firewall.

This sounds like it could be developed into a worm or used as a second stage once it's behind a corporate fireewall.


Swa Frantzen -- section 66


760 Posts
Aug 8th 2006

Sign Up for Free or Log In to start participating in the conversation!