Oval Definition:oval:org.mitre.oval:def:889
Revision Date:2011-05-16Version:49
Title:Windows XP SSL PCT Handshake Vulnerability
Description:Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0719
Platform(s):Microsoft Windows XP
Product(s):Private Communications Transport (PCT)
Definition Synopsis
  • Software section
  • a vulnerable version of schannel.dll exists
  • 32-bit version of Windows and a vulnerable version of schannel.dll exists
  • 32-Bit version of Windows is installed
  • AND a vulnerable version of schannel.dll exists depending on service pack level
  • OR 64-bit version of Windows and schannel.dll is less than 5.1.2600.1347
  • a version of Windows for the ia64 architecture is installed
  • AND the version of schannel.dll is less than 5.1.2600.1347
  • AND NOT the patch kb835732 is installed
  • AND Windows XP (sp1 or earlier) is installed
  • Windows XP is installed
  • AND NOT Win2K/XP/2003 service pack 2 (or later) is installed
  • AND Configuration section
  • SSL is enabled
  • AND NOT PCT support is disabled
    • BACK