Oval Definition:
oval:org.mitre.oval:def:213
Revision Date
:
2011-10-03
Version
:
44
Title
:
Windows 2000 Messenger Service Buffer Overflow
Description
:
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0717
Platform(s)
:
Microsoft Windows 2000
Product(s)
:
Messenger Service
Definition Synopsis
Software section
Windows 2000 is installed
AND
the version of msgsvc.dll is less than 5.0.2195.6861
AND
the version of wkssvc.dll is less than 5.0.2195.6861
AND
NOT
the patch q828035 is installed (Hotfix key)
AND
Configuration section
the messenger service is enabled
BACK