Oval Definition:oval:org.mitre.oval:def:259
Revision Date:2011-05-16Version:22
Title:Server 2003 Unknown Vector SMB Vulnerability
Description:Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-1206
Platform(s):Microsoft Windows Server 2003
Product(s):SMB (Server Message Block)
Definition Synopsis
  • Windows Server 2003 is installed
  • AND a vulnerable version of srv.sys exists
  • for specific Windows configurations a vulnerable version of srv.sys exists
  • NOT Win2K/XP/2003 is patched
  • AND 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed
  • 32-Bit version of Windows is installed
  • OR a version of Windows for the ia64 architecture is installed
  • AND the version of srv.sys is less than 5.2.3790.324
  • OR for specific Windows configurations a vulnerable version of srv.sys exists
  • Win2K/XP/2003/Vista service pack 1 is installed
  • AND 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed
  • 32-Bit version of Windows is installed
  • OR a version of Windows for the ia64 architecture is installed
  • AND the version of srv.sys is less than 5.2.3790.2437
  • OR for 64-bit (x64 arch) Windows (gold edition) a vulnerable version of srv.sys exists
  • 64-Bit (x64 architecture) version of Windows is installed
  • AND NOT Win2K/XP/2003 is patched
  • AND the version of srv.sys is less than 5.2.3790.2437
  • AND NOT the patch KB896422 is installed
    • BACK