Overview
The Windows Logon process (Winlogon) contains a vulnerability that may permit a remote attacker to execute arbitrary code on the system.
Description
The Windows logon process (Winlogon) containss a buffer overflow vulnerability during the processeing of the domain value. It fails to perform checks on the size of the domain value used during the logon process before inserting it into a fixed-size buffer. Microsoft notes that systems that are not members of a domain are not affected by this vulnerability. The following systems are affected by this vulnerability:
Microsoft notes that "An attacker would require permission to modify user objects in a domain to attempt to exploit this vulnerability. Typically, only members of the Administrators or Account Operators groups would have this permission. However, this permission may have been delegated to other user accounts in the domain." |
Impact
A remote attacker could execute arbitrary code on the system. |
Solution
Apply a patch from the vendor |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Microsoft for reporting this vulnerability.
This document was written by Jason A Rafail.
Other Information
| CVE IDs: | CVE-2003-0806 |
| Severity Metric: | 13.50 |
| Date Public: | 2004-04-13 |
| Date First Published: | 2004-04-14 |
| Date Last Updated: | 2004-04-14 02:45 UTC |
| Document Revision: | 6 |