This article was previously published under Q311967
This article has been archived. It is offered "as is" and will no longer be updated.
A buffer overflow that results in a privilege elevation vulnerability exists in Windows XP. If an attacker successfully exploits this vulnerability, the attacker gains complete control over the computer. This permits the attacker to take any action on the computer. These actions might include adding, deleting, or modifying data; creating or deleting user accounts; or adding accounts to the local Administrators group.
The Multiple UNC Provider (MUP) request can be levied only by a process on the local computer. Therefore, this vulnerability can be exploited only by a user who can log on to an affected computer interactively and run code.
Best practices suggest that unprivileged users not be permitted to interactively log on to business-critical servers. If this recommendation has been followed, computers such as domain controllers, Enterprise Resource Planning (ERP) servers, print and file servers, database servers, and others are not be at risk from this vulnerability.
This vulnerability occurs because the MUP service contains an unchecked buffer. By sending a specially malformed request, an attacker might be able to conduct a buffer-overrun attack against a computer.
Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 6, Microsoft Windows XP Professional, Microsoft Windows XP Professional x64 Edition, Microsoft Windows NT Server 4.0 Standard Edition, Microsoft Windows NT Server 4.0 Enterprise Edition, Microsoft Windows NT Workstation 4.0 Developer Edition