SHARE
CORE IMPACT v7.5 - Exploits Update (Sat Jun 21 2008)
Microsoft WINS Exploit (MS08-034)
Exploits/Remote [Windows]
• Sat Jun 21 2008
A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows remote code execution. The WINS service listens on more than one UDP port (it listens on 42/udp and also on a dynamic UDP port). This attack targets the dynamic udp port, thus it requires the identification of such dynamic port by the user. This can be accomplished by running a port scanner module such as the 'Port Scanner - UDP' module.
Exploits Vulnerabiltiy: CVE-2008-1451