| VID |
26013 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q279336) for the "WinSock Mutex" problem has not been applied.
The Winsock mutex object in Windows NT 4.0 that regulates access to network resources is vulnerable to a denial of service attack, due to inappropriate permissions that would allow anyone to access the mutex. A mutex is a synchronization object that prevents multiple threads from accessing a shared resource. An attacker with interactive logon access to a computer could write a program to change the permissions for the mutex to deny other programs access to the object. This causes the victim's computer to lose all network capabilities. The computer must be restarted to regain normal functionality.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows NT, 2000
* References:
http://www.iss.net/security_center/static/6006.php
http://www.microsoft.com/technet/security/bulletin/ms01-003.asp |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS01-033. (http://www.microsoft.com/technet/security/bulletin/ms01-033.asp) |
| Related URL |
CVE-2001-0006 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
