ISS X-Force Database: mdac-rds-server-bo(10659): Microsoft Data Access Components RDS Data Stub server heap buffer overflow

Microsoft Data Access Components RDS Data Stub server heap buffer overflow

mdac-rds-server-bo (10659)

High Risk

Description:

Microsoft Data Access Components (MDAC) is vulnerable to a buffer overflow in the Remote Data Services (RDS) Data Stub function. By sending a specially-crafted HTTP request to a Web server running MDAC with the RDS enabled, a remote attacker could overflow a buffer and execute arbitrary code on the system.

Consequences:

Gain Access

Remedy:

For vulnerability detection:

Enable the following checks in the ISS Protection Platform:
MdacMs02065Patch

For Virtual Patch:

Enable the following checks in the ISS Protection Platform:
HTTP_MDAC_RDS_Overflow

Block or restrict the following in the ISS Protection Platform as appropriate to the environment:
Port 80

For Manual Protection:

Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-065. See References.

References:

CERT Advisory CA-2002-33: Heap Overflow Vulnerability in Microsoft Data Access Components (MDAC).
Foundstone Research Labs Advisory - 112002 - MDAC: Remotely Exploitable Buffer Overflow in Microsoft MDAC.
Internet Security Systems Security Alert, November 21, 2002: Microsoft MDAC Remote Compromise Vulnerability.
Microsoft Corporation Web site: What You Should Know About Microsoft Security Bulletin MS02-065.
Microsoft Security Bulletin MS02-065: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414).
BID-6214: Microsoft Data Access Components RDS Buffer Overflow Vulnerability
CVE-2002-1142: Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.
US-CERT VU#542081: Microsoft Windows Data Access Components contains heap overflow in Data Stubs when parsing a malformed HTTP request

Platforms Affected:

Microsoft Data Access Components 2.1
Microsoft Data Access Components 2.5
Microsoft Data Access Components 2.6

Reported:

Nov 20, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page