This Metasploit module exploits a stack overflow in the NetDDE service, which is the precursor to the DCOM interface. This exploit effects only operating systems released prior to Windows XP SP1 (2000 SP4, XP SP0). Despite Microsoft's claim that this vulnerability can be exploited without authentication, the NDDEAPI pipe is only accessible after successful authentication.
c2bd4617c647ff19e1847b77cc3d7916505f16f526abbfabcf23ced43ab47f97Microsoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.
4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891aMicrosoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.
4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed