"Successful exploitation allows execution of arbitrary
code,
but requires that the MSMQ (Microsoft Message Queuing)
service
is installed (not installed by default)."
---------------------------
TITLE:
Microsoft Windows Pragmatic General Multicast Code Execution
SECUNIA ADVISORY ID:
SA21851
VERIFY ADVISORY:
http://secunia.c
om/advisories/21851/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From local network
OPERATING SYSTEM:
Microsoft Windows XP Home Edition
http://secunia.com/pro
duct/16/
Microsoft Windows XP Professional
http://secunia.com/pro
duct/22/
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows XP,
which can
be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is caused due to an error in the handling
of
PGM
(Pragmatic General Multicast) messages and can be exploited
via
a
specially crafted multicast message.
Successful exploitation allows execution of arbitrary code,
but
requires that the MSMQ (Microsoft Message Queuing) service
is
installed (not installed by default).
SOLUTION:
Apply patch.
Microsoft Windows XP SP1/SP2:
http://www.microsof
t.com/downloads/details.aspx?FamilyId=ce264ac4-6ca3-4732-901
6-3143ff1bca2f
ORIGINAL ADVISORY:
MS06-052 (KB919007):
http://www.microsoft.com/technet/security/Bullet
in/MS06-052.mspx
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|