Microsoft WINS Local Elevation of Privilege (MS11-070; CVE-2011-1984)
| Check Point Reference: | CPAI-2011-413 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS11-070 | |
| Industry Reference(s): | CVE-2011-1984 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Vulnerability Description An elevation of privilege vulnerability has been reported in Microsoft WINS. A local attacker could exploit this vulnerability to execute arbitrary code in an affected local system. |
||
|
Update/Patch Available Apply patches from: MS11-070 |
|
|
Vulnerability Details The vulnerability is due to an error in the way WINS server processes a sequence of specially crafted packets received on the loopback interface. A local attacker can exploit this vulnerability by sending a malicious packet to a target WINS server. Successful will allow an attacker to execute arbitrary code in the context of the local system. |
Protection Overview
This protection will detect and block the transferring of malformed WINS packets.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.