CVE-2005-2119
CVE-2005-2119
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/1352no verificadoexploitdbwww.exploit-db.com/exploits/1341no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051http://secunia.com/advisories/17161http://secunia.com/advisories/17172http://secunia.com/advisories/17223http://secunia.com/advisories/17509http://securityreason.com/securityalert/73http://securitytracker.com/id?1015037https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1071https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1452https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A551http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdfhttp://www.eeye.com/html/research/advisories/AD20051011b.html