BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Microsoft Windows Server 2003 AD Pre-Auth Browser Election Remote Heap Overflow

Disclosed February 14, 2011    Fully Patched

Vulnerability Description:

Microsoft Windows contains a heap overflow vulnerability in the BrowserWriteErrorLogEntry function when processing Browser Election requests. Successful exploitation could allow execution of arbitrary code with System level privileges.

Vendors:

Microsoft

Vulnerable Software/Devices:

Microsoft Windows XP SP3 and prior and Windows Server 2003 SP 2 and prior

Vulnerability Severity:

High

Exploit Availability:

N/A

Exploit Impact:

Remote Code Execution
Remote Unauthenticated Privilege Escalation. This remote vulnerability allows an unauthenticated attacker to execute code on the server with System level privileges.

BeyondTrust Prevention and Detection:

Mitigation:

Apply appropriate patch from MS11-019.

Links:

CVE(s):

None

Leave a Reply