Oval Definition:oval:org.mitre.oval:def:5582
Revision Date:2011-11-07Version:44
Title:WINS Memory Overwrite Vulnerability
Description:The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-1451
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis
  • Vulnerable Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of wins.exe is less than 5.0.2195.7155
  • OR Vulnerable Windows Server 2003 SP1 (x86)/(x64)/(ia-64)
  • Windows Server 2003 SP1 (x86)/(x64)/(ia-64)
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 SP1 for Itanium is installed
  • AND the version of wins.exe is less than 5.2.3790.3119
  • OR Vulnerable Windows Server 2003 SP2 (x86)/(x64)/(ia-64)
  • Windows Server 2003 SP2 (x86)/(x64)/(ia-64)
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 ia64 Service Pack 2 or later is installed
  • AND the version of wins.exe is less than 5.2.3790.4271
    • BACK