| VID |
26012 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q262694) for the "ResetBrowser Frame" and the "HostAnnouncement flood" has not been applied. Windows NT 4.0, Windows 2000, and Windows 95/98 operating systems are vulnerable to a denial of service attack, caused by a flaw in the Computer Browser protocol.
The first of these vulnerabilities allows anyone to shutdown the network browser of this host at will.
The second vulnerability allows an attacker to add thousands of bogus entries in the master browser, which will consume most of the network bandwidth as a side effect.
Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq00-036.asp
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows NT, 2000
* References:
http://www.iss.net/security_center/static/4552.php
http://www.microsoft.com/technet/security/bulletin/MS00-036.asp |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS00-036. (http://www.microsoft.com/technet/security/bulletin/ms00-036.asp) |
| Related URL |
CVE-2000-0404 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
