7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.902 High
EPSS
Percentile
98.8%
A buffer overflow in the WINS service may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
The Microsoft WINS service maps IP addresses to NETBIOS computer names.The WINS protocol contains a vulnerability that may allow a remote attacker to compromise a WINS server. Insufficient validation on the name parameter within incoming WINS packets allows a buffer overflow to occur. If a remote attacker supplies a specially crafted packet to a vulnerable WINS server, that attacker may be able to exploit the buffer overflow to execute arbitrary code.
According to Microsoft Security Bulletin MS04-045 the following Microsoft products are vulnerable:
| |
Microsoft Windows NT Server 4.0 Service Pack 6a
—|—
|
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
|
Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4
|
Microsoft Windows Server 2003
|
Microsoft Windows Server 2003 64-Bit Edition
For more detailed information please refer to Microsoft Security Bulletin MS04-045.
A remote attacker may be able to execute arbitrary code with SYSTEM privileges or cause a denial-of-service condition.
Apply Patch
Microsoft has released Microsoft Security Bulletin MS04-045 to address this issue. Users are encouraged to review this bulletin and apply the patches it refers to.
Consider Workarounds in MS04-045
* Removing the WINS service if it is not needed
* Blocking TCP and UDP port 42
* Using IPsec as a communication protocol between WINS servers
378160
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: December 16, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Microsoft has released Microsoft Security Bulletin MS04-045 to address this issue.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23378160 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Microsoft Security for reporting this vulnerability.Microsoft credits Kostya Kortchinsky of CERT RENATER with reporting this vulnerability.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2004-0567 |
---|---|
Severity Metric: | 23.73 Date Public: |