| VID |
26074 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix(KB828028) for 'Unchecked Buffer in the Microsoft ASN.1 Library' has not been applied.
Abstract Syntax Notation 1 (ASN.1) is a data standard that is used by many applications and devices in the technology industry for allowing the normalization and understanding of data across various platforms. Microsoft Windows NT, Windows 2000, Windows XP, and Windows Server 2003 are vulnerable to a buffer overflow in the Microsoft's implementation of the ASN.1 Library. A remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code with system privileges. Because this library is widely used by Windows security subsystems, the vulnerability can be exposed through an array of avenues, including Kerberos, NTLMv2 authentication, and applications that make use of certificates (SSL, digitally-signed e-mail, signed ActiveX controls, etc.).
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms04-007.asp
http://www.eeye.com/html/Research/Advisories/AD20040210.html
http://www.eeye.com/html/Research/Advisories/AD20040210-2.html
* Platforms Affected:
Microsoft Windows XP
Microsoft Windows 2000 Any version
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 TSE
Microsoft Windows Server 2003 Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS04-007 at http://www.microsoft.com/technet/security/bulletin/ms04-007.asp
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web ste, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0818 (CVE) |
| Related URL |
9633,9635 (SecurityFocus) |
| Related URL |
15039 (ISS) |
|
