vendor: BrightStor
by: Winny M Thomas
CVSS: 7.5 (HIGH)
Heap Overflow
CWE: 121
Product Name: BrightStor
Affected Version From: Windows 2000 SP0
Affected Version To: Windows 2000 SP0
Patch Exists: NO
Related CWE:
CPE: o:microsoft:windows_2000
Platforms Tested: Windows 2000 SP0
2006
Remote exploit for the CA BrightStor msgeng.exe service heap overflow vulnerability
The exploit overwrites the UnhandledExceptionFilter (UEF) pointer in Windows 2000 SP0 with the address of a call dword ptr [esi+4C] instruction located in user32.dll. At the time the UEF is called, the memory at esi+4C contains a pointer to the shellcode, so the call transfers execution to it. The exploit opens a shell on TCP port 4444.
Mitigation:
Apply the necessary security patches and updates provided by the vendor.