Signature Detail

APP: Microsoft PGM Denial of Service

This signature detects attempts to exploit a known vulnerability against Microsoft's Pragmatic Multicast Control. A successful attack can result in a denial-of-service condition.

Extended Description

Microsoft Pragmatic General Multicast (PGM) is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check externally supplied data. An attacker can exploit this issue to execute arbitrary code, facilitating a complete system compromise. This issue affects systems only when Microsoft Message Queuing (MSMQ) 3.0 is installed; this is not the default.

Affected Products

• Hp storage_management_appliance 2.1
• Microsoft windows_xp
• Microsoft windows_xp_64-bit_edition SP1
• Microsoft windows_xp_64-bit_edition
• Microsoft windows_xp_64-bit_edition_version_2003 SP1
• Microsoft windows_xp_64-bit_edition_version_2003
• Microsoft windows_xp_home SP1
• Microsoft windows_xp_home SP2
• Microsoft windows_xp_home
• Microsoft windows_xp_media_center_edition SP1
• Microsoft windows_xp_media_center_edition SP2
• Microsoft windows_xp_media_center_edition
• Microsoft windows_xp_professional SP1
• Microsoft windows_xp_professional SP2
• Microsoft windows_xp_professional
• Microsoft windows_xp_professional_x64_edition
• Microsoft windows_xp_tablet_pc_edition SP1
• Microsoft windows_xp_tablet_pc_edition SP2
• Microsoft windows_xp_tablet_pc_edition

References

• BugTraq: 19922
• CVE: CVE-2006-3442
• CVE: CVE-2008-1440
• CVE: CVE-2008-1441
• URL: http://www.microsoft.com/technet/security/bulletin/MS06-052.mspx
• URL: http://www.microsoft.com/technet/security/bulletin/MS08-036.mspx