Lucene search
+L

Microsoft Windows XP Multiple Vulnerabilities (MS01-059, Q315000)

🗓️ 03 Nov 2005 00:00:00Reported by Copyright (C) 2002 Michael ScheidellType 
openvas
 openvas
🔗 plugins.openvas.org👁 32 Views

Microsoft Windows XP Multiple Vulnerabilities (MS01-059, Q315000

Related
Refs
Code
ReporterTitlePublishedViews
Family
CVE
CVE-2001-0876
9 Mar 200205:00
cve
CVE
CVE-2001-0877
9 Mar 200205:00
cve
Cvelist
CVE-2001-0876
9 Mar 200205:00
cvelist
Cvelist
CVE-2001-0877
9 Mar 200205:00
cvelist
NVD
CVE-2001-0876
20 Dec 200105:00
nvd
NVD
CVE-2001-0877
20 Dec 200105:00
nvd
OpenVAS
Unchecked Buffer in XP upnp
3 Nov 200500:00
openvas
OpenVAS
scan for UPNP hosts
3 Nov 200500:00
openvas
securityvulns
Advisory CA-2001-37 Buffer Overflow in UPnP Service On Microsoft Windows
21 Dec 200100:00
securityvulns
securityvulns
Multiple Remote Windows XP/ME/98 Vulnerabilities
21 Dec 200100:00
securityvulns
Rows per page
# SPDX-FileCopyrightText: 2002 Michael Scheidell
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.10835");
  script_version("2024-04-11T05:05:26+0000");
  script_tag(name:"last_modification", value:"2024-04-11 05:05:26 +0000 (Thu, 11 Apr 2024)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cve_id("CVE-2001-0876", "CVE-2001-0877");
  script_name("Microsoft Windows XP Multiple Vulnerabilities (MS01-059, Q315000)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2002 Michael Scheidell");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("secpod_reg_enum.nasl");
  script_mandatory_keys("SMB/registry_enumerated");

  script_tag(name:"summary", value:"Microsoft Windows XP is prone to multiple vulnerabilities.");

  script_tag(name:"insight", value:"The following flaws exist:

  - CVE-2001-0876: Buffer overflow in Universal Plug and Play (UPnP) allows remote attackers to
  execute arbitrary code via a NOTIFY directive with a long Location URL.

  - CVE-2001-0877: Universal Plug and Play (UPnP) allows remote attackers to cause a denial of
  service via a spoofed SSDP advertisement that causes the client to connect to a service on another
  machine that generates a large amount of traffic (e.g., chargen), or via a spoofed SSDP
  announcement to broadcast or multicast addresses, which could cause all UPnP clients to send
  traffic to a single target system.");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_xref(name:"URL", value:"https://learn.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/3723");

  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("secpod_reg.inc");

if( hotfix_check_sp( xp:1 ) <= 0 )
  exit( 0 );

if( hotfix_missing( name:"Q315000" ) > 0 ) {
  security_message(port:0);
  exit( 0 );
}

exit( 99 );

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

11 Apr 2024 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 27.5
EPSS0.49483
32