Microsoft WINS Exploit (MS08-034)

A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows remote code execution. The WINS service listens on more than one UDP port (it listens on 42/udp and also on a dynamic UDP port). This attack targets the dynamic udp port, thus it requires the identification of such dynamic port by the user. This can be accomplished by running a port scanner module such as the 'Port Scanner - UDP' module.
Exploit type: 
Vulnerabilty ID: 
CVE-2008-1451
Released Date: 
Friday, June 20, 2008 - 19:00