12050: Microsoft Data Access Components Buffer Overflow Vulnerability (Q329414)

Microsoft Data Access Components Buffer Overflow Vulnerability (Q329414)

General Info

	TC:	12050
	Description:	Microsoft Data Access Components (MDAC) is a components package which aim is to offer database connectivity on Windows platforms. It is likely to be present on most of windows platforms. A Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6 exists. Internet Explorer 5.01 through 6.0 is also prone to this vulnerability. This flaw allows remote attackers to execute code via a malformed HTTP request to the Data Stub which means IIS is also vulnerable.
	TC Impact:	Gather Info

Specific Operations and Actions:

	Vulnerability Publication:	November 20, 2002
	Advisory Copyright:	Foundstone
	Summary:	A remote attacker can arbitrarily act on your vulnerable machine.
	Risk:	High
	CVSS 2.0 metrics:	Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
	CVSS 2.0 Base Score:	10

	Vulnerability Impact:	Gain Root

	Host Impact:	Buffer overflow allowing attacker to execute arbitrary code on vulnerable system.
	Nature of Remediation:	Update the software.

	Step required to fix the reported vulnerability:
	*** Solution type: Upgrade Software *** Microsoft has released a patch to address this issue. It is also strongly advised to upgrade MDAC to version 2.7. See references for more details.

Glossary and References :

	References:
	* MS: MS02-065 http://www.microsoft.com/technet/security/bulletin/ms02-065.asp * VULNWATCH: 20021120 Foundstone Advisory http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html * MISC: http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337 * CERT: CA-2002-33 http://www.cert.org/advisories/CA-2002-33.html * CERT-VN: VU#542081 http://www.kb.cert.org/vuls/id/542081 * BID: 6214 http://www.securityfocus.com/bid/6214 * OVAL: oval:org.mitre.oval:def:2730 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2730 * OVAL: oval:org.mitre.oval:def:294 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:294 * OVAL: oval:org.mitre.oval:def:3573 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3573 * XF: mdac-rds-server-bo(10659) http://xforce.iss.net/xforce/xfdb/10659 * XF: mdac-rds-client-bo(10669) http://xforce.iss.net/xforce/xfdb/10669 * MISC: http://www.sans.org/top20/2003/#W6

	CVE Link:	CVE-2002-1142

	Glossary:	Arbitrary Command Execution Buffer Overflow

© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)