Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:UPNP:MS-UPNP

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Microsoft Universal Plug and Play Invalid Header Overflow

Release Date

 2007/04/10

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Microsoft Universal Plug and Play Invalid Header Overflow


This signature detects attempts to exploit a known vulnerability in Microsoft Windows Universal Plug and Play. A successful attack can lead to a buffer overflow and arbitrary remote code execution resulting in full control of the target system.

Extended Description

Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. This occurs when handling certain HTTP requests. To exploit this issue, an attacker must be in the same network segment as the victim. Successful exploits may allow attackers to execute arbitrary code with the privileges of the affected service. Failed exploits attempts will likely result in denial-of-service conditions.

Affected Products

  • Avaya agent_access
  • Avaya basic_call_management_system_reporting_desktop server
  • Avaya basic_call_management_system_reporting_desktop
  • Avaya cms_supervisor
  • Avaya computer_telephony
  • Avaya contact_center_express
  • Avaya customer_interaction_express_(cie)_server 1.0
  • Avaya customer_interaction_express_(cie)_user_interface 1.0
  • Avaya cvlan
  • Avaya enterprise_management
  • Avaya integrated_management
  • Avaya interaction_center
  • Avaya interaction_center-voice_quick_start
  • Avaya ip_agent
  • Avaya ip_softphone
  • Avaya modular_messaging_(mas)
  • Avaya network_reporting
  • Avaya octelaccess(r)_server
  • Avaya octeldesignertm
  • Avaya operational_analyst
  • Avaya outbound_contact_management
  • Avaya speech_access
  • Avaya unified_communication_center
  • Avaya unified_communications_center_s3400
  • Avaya visual_messenger_tm
  • Avaya visual_vector_client
  • Avaya vpnmanagertm_console
  • Avaya web_messenger
  • Microsoft windows_xp
  • Microsoft windows_xp_home SP1
  • Microsoft windows_xp_home SP2
  • Microsoft windows_xp_home
  • Microsoft windows_xp_media_center_edition SP1
  • Microsoft windows_xp_media_center_edition SP2
  • Microsoft windows_xp_media_center_edition
  • Microsoft windows_xp_professional SP1
  • Microsoft windows_xp_professional SP2
  • Microsoft windows_xp_professional
  • Microsoft windows_xp_professional_x64_edition SP2
  • Microsoft windows_xp_professional_x64_edition
  • Microsoft windows_xp_tablet_pc_edition SP1
  • Microsoft windows_xp_tablet_pc_edition SP2
  • Microsoft windows_xp_tablet_pc_edition
  • Nortel_networks enterprise_network_management_system
  • Nortel_networks multiservice_data_manager_(operator_client)

References

  • BugTraq: 23371
  • CVE: CVE-2007-1204
  • URL: http://www.securitytracker.com/id?1017895

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out