SECUNIA ADVISORY ID: SA23312
VERIFY ADVISORY: http://secunia.com/advisories/23312/
CRITICAL: Moderately critical
IMPACT: System access
OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to the Remote Installation Service enabling a TFTP service, which by default allows anonymous users to upload malicious files or overwrite existing operating system files.
SOLUTION: Apply patch.
Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=0ed62db9-4534-4f27-a49e-020c7a7d69e0
PROVIDED AND/OR DISCOVERED BY: The vendor credits Nicolas Ruff.
ORIGINAL ADVISORY: MS06-077 (KB926121): http://www.microsoft.com/technet/security/Bulletin/MS06-077.mspx
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2554
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2554