Remote Code Execution via Association Context Vulnerability in WINS Service
The WINS service (wins.exe) found on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 has a vulnerability. Remote attackers can exploit this by writing to any memory location. They may also run arbitrary code. This happens through a changed memory pointer in a WINS replication packet sent to TCP port 42. This issue is known as the "Association Context Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 2000 |
||
microsoft windows 2003 server 2000 |
||
microsoft windows 2003 server 2003 |
||
microsoft windows 2003 server enterprise |
||
microsoft windows 2003 server enterprise 64-bit |
||
microsoft windows 2003 server r2 |
||
microsoft windows 2003 server standard |
||
microsoft windows 2003 server web |
||
microsoft windows nt 4.0 |