{"vuid":"VU#901584","idnumber":"901584","name":"Microsoft Windows SNMP Memory Corruption Vulnerability","keywords":["Microsoft","Windows","SNMP","Simple Network Management Protocol","Memory Corruption","ms06-dec"],"overview":"A vulnerability in the way Microsoft Windows handles SNMP may allow a buffer overflow that may allow remote execution of arbitrary code.","clean_desc":"Microsoft Windows contains a buffer overflow that may occur when handling malformed SNMP packets. According to Microsoft Security Bulletin ms06-074 the exploit is triggered by sending a specially crafted SNMP packet to a vulnerable system. Note that the SNMP service is not installed on any version of Microsoft Windows by default.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.","resolution":"Update\nMicrosoft has released an update to address this issue. See Microsoft Security Bulletin ms06-074 for more details.","workarounds":"Apply a Workaround Block UDP port 161\nDisable SNMP service - Note that according to Microsoft Security Bulletin ms06-074: If you disable the SNMP service, you may not be able to monitor systems via SNMP. See Microsoft Security Bulletin ms06-074 for more details.","sysaffected":"","thanks":"This vulnerability was reported in \nMicrosoft Security Bulletin \nms06-074 Microsoft credits Kostya Kortchinsky of Immunity, Inc. and Clement Seguy of the European Aeronautic Defence and Space Company for reporting this issue.","author":"This document was written by Chris Taschner.","public":["http://www.microsoft.com/technet/security/bulletin/ms06-074.mspx","http://secunia.com/advisories/23307/"],"cveids":["CVE-2006-5583"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-12-12T19:26:42Z","publicdate":"2006-12-12T00:00:00Z","datefirstpublished":"2006-12-13T20:31:46Z","dateupdated":"2007-01-05T19:46:40Z","revision":20,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"4","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"9","cam_attackeraccessrequired":"18","cam_scorecurrent":"16.4025","cam_scorecurrentwidelyknown":"20.95875","cam_scorecurrentwidelyknownexploited":"39.18375","ipprotocol":"UDP","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":16.4025,"vulnote":null}