Vulnerability Bulletins

int(1741)

Vulnerability Bulletins

Desbordamiento de búfer en el servicio Plug and Play de Microsoft Windows
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Experto
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	Microsoft
Affected software	Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 Service Pack 1 Microsoft Windows Server 2003 Itanium-based Systems Microsoft Windows Server 2003 SP1 Itanium-based Systems Microsoft Windows Server 2003 x64 Edition
Description
Se ha descubierto un desbordamiento de búfer en múltiples versiones del sistema operativo Microsoft Windows. La vulnerabilidad reside en el servicio Plug and Play. La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código arbitrario o a un atacante local obtener un aumento de privilegios mediante el uso de mensajes especialmente diseñados.
Solution
Actualización de software Microsoft Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=E39A3D96-1C37-47D2-82EF-0AC89905C88F Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=9A3BFBDD-62EA-4DB2-88D2-415E095E207F Microsoft Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=89D90E25-4773-4782-AD06-9B7517BAB3C8 Microsoft Windows Server 2003 Microsoft Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=6275D7B7-DAB1-47C8-8745-533EB471072C Microsoft Windows Server 2003 Itanium-based Systems Microsoft Windows Server 2003 SP1 Itanium-based Systems http://www.microsoft.com/downloads/details.aspx?FamilyId=BE18D39D-3E4C-4C6F-B841-2CCD8D4C3F50 Microsoft Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=D976316D-3B17-4AD4-9198-513FFDAC98E4
Standar resources
Property	Value
CVE	CAN-2005-1983
BID
Other resources
Microsoft Security Bulletin MS05-039 http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-08-11

Vulnerability Bulletins

Desbordamiento de búfer en el servicio Plug and Play de Microsoft Windows

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history