Oval Definition:	oval:org.mitre.oval:def:5926
Revision Date: 2016-02-19 Version: 21 Title: Windows 2000 NNTP Component Buffer Overflow Description: The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0574 Platform(s): Microsoft Windows 2000 Product(s): Network News Transport Protocol (NNTP) Definition Synopsis Software section Windows 2000 Server is installed Windows 2000 is installed AND Windows NT server product option this is an NT Server (stand-alone) OR this is an NT Server (domain controller) AND Win2K/XP/2003 service pack 3 (or later) is installed AND the version of nntpsvc.dll is less than 5.0.2195.6972 AND NOT KB883935 is installed AND Configuration section the NNTP service is enabled
BACK