Nexpose Vulnerability Database
- Try searching for a product or vendor.
- Only vulnerabilities that match all search terms will be returned.
- Enclose search terms in double quotes for an exact search.
- For CVE searches, only enter the CVE-YYYY-XXXX code.
Get Nexpose now
Search vulnerabilities with Rapid7's vulnerability management solution
FREE DOWNLOADMicrosoft Server Service / CanonicalizePathName() Remote Code Execution Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| Critical (10) | 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Aug 8, 2006 | Aug 21, 2006 | Mar 17, 2009 |
Description:
Certain versions of Microsoft Windows are vulnerable to a remote buffer overflow which could compromise a target machine. A specially crafted packet could be used in a call to the NetPathCanonicalize RPC routine in the Server Service, whereby an attacker could execute code under SYSTEM level access.
Vulnerability Management
Get your solution now
References:
Solution:
-
Microsoft Windows 2000 Professional, Microsoft Windows 2000 Datacenter Server, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server
Install Microsoft service pack Windows 2000 Service Pack 4Download and apply the upgrade from: http://support.microsoft.com/sp
-
Microsoft Windows 2000 Professional SP4, Microsoft Windows 2000 Datacenter Server SP4, Microsoft Windows 2000 Server SP4, Microsoft Windows 2000 Advanced Server SP4
Download and install Microsoft patch WinDOWS2000-KB921883-x86-ENU.EXEDownload and apply the patch from: http://download.microsoft.com/download/9/0/b/90b8dbba-09c1-4b27-b0c4-0cc13706823a/Windows2000-KB921883-x86-ENU.EXE
-
Microsoft Windows XP Home Edition, Microsoft Windows XP Professional, Microsoft Windows XP Tablet PC Edition, Microsoft Windows XP Media Center Edition
Install Microsoft service pack Windows XP Service Pack 1Download and apply the upgrade from: http://support.microsoft.com/sp
-
Microsoft Windows XP Home Edition SP1 OR SP2, Microsoft Windows XP Professional SP1 OR SP2
Download and install Microsoft patch WindowSXP-KB921883-x86-ENU.EXEDownload and apply the patch from: http://download.microsoft.com/download/c/2/b/c2b41862-1113-4e40-a81a-d6971733e361/WindowsXP-KB921883-x86-ENU.exe
-
Microsoft Windows Server 2003, Web Edition < SP1 OR SP1, Microsoft Windows Server 2003, Enterprise Edition < SP1 OR SP1, Microsoft Windows Server 2003, Datacenter Edition < SP1 OR SP1, Microsoft Windows Server 2003, Standard Edition < SP1 OR SP1, Microsoft Windows Small Business Server 2003 < SP1 OR SP1
Download and install Microsoft patch WindowsServer2003-KB921883-x86-ENU.EXEDownload and apply the patch from: http://download.microsoft.com/download/6/e/e/6ee2a18d-b3a7-457a-af39-fb687fd6aa91/WindowsServer2003-KB921883-x86-ENU.exe
Download Nexpose
Download our vulnerability management solution, Nexpose, for free today. Scan 100% of your infrastructure for vulnerabilities, understand your risk exposure, compare and prioritize your vulnerabilities and verify that they are remediated.