Oval Definition:oval:org.mitre.oval:def:895
Revision Date:2008-03-24Version:44
Title:Windows NT winlogon Remote Buffer Overflow
Description:Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0806
Platform(s):Microsoft Windows NT
Product(s):Windows logon process (winlogon)
Definition Synopsis
  • Software section
  • Microsoft Windows NT is installed
  • AND a vulnerable version of msgina.dll exists on NT
  • non Terminal Server and msgina.dll is less than 4.0.1381.7255
  • NOT this is an NT Terminal Server
  • AND the version of msgina.dll is less than 4.0.1381.7255
  • OR Terminal Server and msgina.dll is less than 4.0.1381.33559
  • this is an NT Terminal Server
  • AND the version of msgina.dll is less than 4.0.1381.33559
  • AND NOT the patch kb835732 is installed
  • AND Configuration section
  • machine is a member of a domain
  • BACK