mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
964 B
964 B
CVE-2003-0812
Description
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
POC
Reference
- http://marc.info/?l=bugtraq&m=106865197102041&w=2
- http://www.cisco.com/warp/public/707/cisco-sa-20040129-ms03-049.shtml
- http://www.kb.cert.org/vuls/id/567620