Oval Definition:
oval:org.mitre.oval:def:895
Revision Date
:
2008-03-24
Version
:
44
Title
:
Windows NT winlogon Remote Buffer Overflow
Description
:
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0806
Platform(s)
:
Microsoft Windows NT
Product(s)
:
Windows logon process (winlogon)
Definition Synopsis
Software section
Microsoft Windows NT is installed
AND
a vulnerable version of msgina.dll exists on NT
non Terminal Server and msgina.dll is less than 4.0.1381.7255
NOT
this is an NT Terminal Server
AND
the version of msgina.dll is less than 4.0.1381.7255
OR
Terminal Server and msgina.dll is less than 4.0.1381.33559
this is an NT Terminal Server
AND
the version of msgina.dll is less than 4.0.1381.33559
AND
NOT
the patch kb835732 is installed
AND
Configuration section
machine is a member of a domain
BACK