| VID |
23093 |
| Severity |
40 |
| Port |
119 |
| Protocol |
TCP |
| Class |
NNTP |
| Detailed Description |
The target host is running a version of Microsoft NNTP server which has not been applied the patch for the MS04-036 (883935). The Network News Transfer Protocol (NNTP) is a protocol used to transfer news-group information. A remotely-exploitable buffer overflow condition exists in the NNTP service of the affected Windows operating systems. This vulnerability could potentially affect systems that only require the NNTP component. A remote attacker may gain full control of a vulnerable system through a maliciously-crafted NNTP query. The NNTP service is only enabled by default on installations of Exchange 2000 Server, although it can be manually enabled on other installations. An attacker may exploit this flaw to execute arbitrary commands on the remote host with the privileges of the NNTP server process.
* References:
http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
* Platforms Affected:
Microsoft Exchange 2000 Server Service Pack 3
Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS04-036 at http://www.microsoft.com/technet/security/bulletin/MS04-036.asp
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2004-0840 (CVE) |
| Related URL |
11379 (SecurityFocus) |
| Related URL |
(ISS) |
|
