Microsoft Windows LanManager SNMP Information Disclosure

1999-06-07T00:00:00
ID OSVDB:445
Type osvdb
Reporter OSVDB
Modified 1999-06-07T00:00:00

Description

Vulnerability Description

Microsoft Windows LanManager contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to certain SNMP queries, which will disclose LanMan accounts, LanMan services and LanMan shares resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Disable the SNMP service if it is not required.

Short Description

Microsoft Windows LanManager contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to certain SNMP queries, which will disclose LanMan accounts, LanMan services and LanMan shares resulting in a loss of confidentiality.

References:

Vendor URL: http://www.microsoft.com/ Nessus Plugin ID:10547 Nessus Plugin ID:10546 Nessus Plugin ID:10548 Microsoft Knowledge Base Article: 99880 ISS X-Force ID: 215 CVE-1999-0499