Is MS06-018 a DoS or a system compromise?



There seems to be some confusion in MS Security Bulletin MS06-018,
"Vulnerability in Microsoft Distributed Transaction Coordinator".

The bulletin itself
(http://www.microsoft.com/technet/security/bulletin/ms06-018.mspx)
states:

 "An attacker could cause the Microsoft Distributed
 Transaction Coordinator (MSDTC) to stop responding.
 Note that the denial of service vulnerability would
 not allow an attacker to execute code or to elevate
 their user rights, but it could cause the affected
 system to stop accepting requests."

whereas the linked download pages for both the Win2K and WinXP patches
http://www.microsoft.com/downloads/details.aspx?familyid=8B98F380-0E5C-4B80-9710-95E1B35AFD83&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=D80B43B2-727B-46B6-82D1-F2CBD916FE32&displaylang=en
state:

 "A security issue has been identified in the
 Microsoft Distributed Transaction Controller
 service that could allow an attacker to compromise
 your Windows-based system and gain control over it."

The related McAfee advisory
(http://seclists.org/lists/bugtraq/2006/May/0215.html) states:

 "Exploitation can at most lead to a denial of service
 and therefore the risk factor is at medium."

so I guess DoS is what it is ... but it would still be nice if someone
in the know could confirm the download pages are wrong ... anyone
from Microsoft here?

Cheers
Nick Boyce
--
One way to make your old car run better is to look up the
price of a new model.