Systems Affected: Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Server 4.0 Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Messenger Service is prone to a remotely exploitable buffer overrun vulnerability. The service is exposed via NetBIOS (ports 137-139) and RPC (port 135). The source of the vulnerability is insufficient bounds checking of messages before they are passed to an internal buffer. Exploitation could result in a denial of service or in execution of malicious code in Local System context, potentially allowing for full system compromise. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-043.asp _________ Satya SKJ Moderator SQL-Server-Performance.Com
Well done Satya. Luis Martin ...Thus mathematics may be defined as the subject in which we never know what we are talking about, nor whether what we are saying is true. Bertrand Russell
Though its not direct hit to SQL Server but vulnerable to the operating systems involved. And on most of our enterprise systems Messenger service is not installed and used, only 2 systems with this setup has been patched now. Fyi. _________ Satya SKJ Moderator SQL-Server-Performance.Com
Geez, are there any services left that havn't had a vulnerability... <img src='/community/emoticons/emotion-4.gif' alt='' /><br /><br />/Argyle
