Oval Definition:oval:org.mitre.oval:def:3483
Revision Date:2011-05-16Version:29
Title:NetBT Name Service Information Access Vulnerability
Description:The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0661
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):NetBT Name Service
Definition Synopsis
  • Software section - XP
  • Windows XP is installed
  • AND Patch WindowsXP-KB824105-x86-ENU.exe installed on XP or XP SP1
  • Patch WindowsXP-KB824105-x86-ENU.exe installed
  • OR Patch WindowsXP-KB824105-x86-ENU.exe installed on XP SP1
  • AND XP SP1 or Pre SP1 with correct netbt.sys version
  • Pre Service Pack XP and netbt.sys is less than 5.1.2600.117
  • the version of netbt.sys is less than 5.1.2600.117
  • AND Win2K/XP/2003 service pack 1 (or later) is installed
  • OR XP SP1 and netbt.sys is less than 5.1.2600.1243
  • the version of netbt.sys is less than 5.1.2600.1243
  • AND Win2K/XP/2003/Vista service pack 1 is installed
  • OR
  • Microsoft Windows 2000 is installed
  • Win2K/XP/2003 service pack 3 is installed
  • OR SP4 or later Installed
  • AND the version of netbt.sys is less than 5.0.2195.6783
  • OR
  • Microsoft Windows Server 2003 (32-bit) is installed
  • AND the version of netbt.sys is less than 5.2.3790.69
    • BACK