Oval Definition:oval:org.mitre.oval:def:800
Revision Date:2008-03-24Version:45
Title:Windows NT WINS Buffer Overflow
Description:The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0825
Platform(s):Microsoft Windows NT
Product(s):Windows Internet Naming Service (WINS)
Definition Synopsis
  • Software section
  • Windows NT Server 4.0 is installed
  • Microsoft Windows NT is installed
  • AND Windows NT server product option
  • this is an NT Server (stand-alone)
  • OR this is an NT Server (domain controller)
  • AND the version of wins.exe is less than 4.0.1381.7255
  • AND NOT the patch kb830352 is installed (Hotfix key)
  • AND Configuration section
  • the wins service is enabled
  • BACK