VID 26043
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (Q822343) for the 'Buffer Overflow Vulnerability in ISAPI Extension for Windows Media Services' has not been applied.
In Windows 2000, an ISAPI extension (nsiislog.dll) lets the server log client information for multicast transmissions of Microsoft Windows Media Services. A buffer overflow vulnerability exists in the way nsiislog.dll processes incoming client requests. By sending a large POST request to nsiislog.dll, a remote attacker can cause IIS to fail or execute code on the target system.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/MS03-022.asp

* Platforms Affected:
MS Windows 2000, any version (except Windows 2000 Professional), SP1 - SP4
Recommendation Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS03-022 at http://www.microsoft.com/technet/security/bulletin/MS03-022.asp

1. Open the page: http://microsoft.com/downloads/details.aspx?FamilyId=F772E131-BBC9-4B34-9E78-F71D9742FED8&displaylang=en
2. Select your language from the drop-down list and then click the <Go> button.
3. Click the <Download> button to download the patch file.
4. Run this file to install the patch.

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2003-0349 (CVE)
Related URL 8035 (SecurityFocus)
Related URL (ISS)