Microsoft Windows NT service pack level via remote registry access

1995-01-01T00:00:00
ID OSVDB:304
Type osvdb
Reporter OSVDB
Modified 1995-01-01T00:00:00

Description

Vulnerability Description

It is possible to determine the Windows Service Pack level of this system by reading the registry via NetBIOS. An attacker could use this information to determine potential vulnerabilities on the system. Depending on the Windows configuration and version, a valid username and password may be required before this information can be obtained.

Technical Description

The service pack level is recorded under registry entry HKLM.SOFTWARE.Microsoft.Windows NT.CSDVersion

Solution Description

You can disable remote registry access by creating the following registry value:

Hive: HKEY_LOCAL_MACHINE Key: SYSTEM.CurrentControlSet.Control.SecurePipeServers.winreg Type: REG_SZ Value Name: Description Value Data: Registry Server

You may have to create the winreg key if it does not exist. Then add the value "Description" with the data "Registry Server" under the winreg key.

Short Description

It is possible to determine the Windows Service Pack level of this system by reading the registry via NetBIOS. An attacker could use this information to determine potential vulnerabilities on the system. Depending on the Windows configuration and version, a valid username and password may be required before this information can be obtained.

References:

OVAL ID: 1023 Microsoft Knowledge Base Article: 153183 ISS X-Force ID: 151 ISS X-Force ID: 152 CVE-1999-0562 Bugtraq ID: 6830