Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)

Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Servic

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2004-0569	16 Oct 200404:00	–	cve
Cvelist	CVE-2004-0569	16 Oct 200404:00	–	cvelist
NVD	CVE-2004-0569	3 Nov 200405:00	–	nvd
OpenVAS	Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)	3 Nov 200500:00	–	openvas
securityvulns	Microsoft Security Bulletin MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)	13 Oct 200400:00	–	securityvulns
securityvulns	[VulnWatch] BindView Advisory: Memory Leak and DoS in NT4 RPC server	13 Oct 200400:00	–	securityvulns
Tenable Nessus	MS04-029: Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)	13 Oct 200400:00	–	nessus

# OpenVAS Vulnerability Test
# $Id: smb_nt_ms04-029.nasl 8023 2017-12-07 08:36:26Z teissa $
# Description: Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
#
# Authors:
# Noam Rathaus
#
# Copyright:
# Copyright (C) 2004 Noam Rathaus
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

tag_summary = "An information disclosure and denial of service vulnerability exists when 
the RPC Runtime Library processes specially crafted messages.

An attacker who successfully exploited this vulnerability could potentially
read portions of active memory or cause the affected system to stop responding.";

tag_solution = "http://www.microsoft.com/technet/security/bulletin/MS04-029.mspx";

if(description)
{
 script_id(15467);
 script_version("$Revision: 8023 $");
 script_tag(name:"last_modification", value:"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $");
 script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
 script_bugtraq_id(11380);
 script_cve_id("CVE-2004-0569");
 script_tag(name:"cvss_base", value:"7.5");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");

 name = "Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)";
 
 script_name(name);
 


 
 script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"registry");
 
 script_copyright("This script is Copyright (C) 2004 Noam Rathaus");
 family = "Windows : Microsoft Bulletins";
 script_family(family);
 
 script_dependencies("secpod_reg_enum.nasl");
 script_require_keys("SMB/Registry/Enumerated");
 script_mandatory_keys("SMB/WindowsVersion");
 script_require_ports(139, 445);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 exit(0);
}

include("secpod_reg.inc");

if ( hotfix_check_sp(nt:7) <= 0 ) exit(0);
if ( hotfix_missing(name:"873350") > 0  )
	security_message(get_kb_item("SMB/transport"));

07 Dec 2017 00:00Current

6.3Medium risk

Vulners AI Score6.3

EPSS0.21