| VID |
26109 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The critical security update 886185 for Windows Firewall has not been applied. This update fixes a flaw that renders the SP2 firewall ineffective when a user connects to the Internet using a dial-up connection. Because of the way that some dialing software configures routing tables, Windows Firewall in Windows XP SP2 can sometimes interpret the whole Internet to be a local subnet. This can let anyone on the Internet access a Windows Firewall exception if the exception is configured to use the "My network (subnet) only" scope option. A remote attacker can then simply connect to a network share that is published by a vulnerable computer.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* References: http://support.microsoft.com/kb/886185, http://www.securityfocus.com/archive/88/376326
* Platforms Affected: Microsoft Windows XP Home SP2, Microsoft Windows XP Media Center Edition SP2, Microsoft Windows XP Professional SP2, Microsoft Windows XP Tablet PC Edition SP2 |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin for hotfix 886185 at http://support.microsoft.com/kb/886185 |
| Related URL |
(CVE) |
| Related URL |
12057 (SecurityFocus) |
| Related URL |
(ISS) |
|
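A simplified model of the scope behaviour described under Detailed Description, added here as an illustration and not taken from the scanner or from Windows Firewall itself. It assumes the "local subnet" set is derived from on-link routes; the interface names, routes, exception list and the /8 audit threshold are all constructed for the example.

```python
import ipaddress

# Constructed sample data (assumption): on-link routes as (interface, prefix).
LAN_ROUTES = [("lan0", "192.168.1.0/24")]
# Assumed trigger: dialing software adds an on-link route that covers everything.
DIALUP_ROUTES = LAN_ROUTES + [("ppp0", "0.0.0.0/0")]

# Constructed firewall exceptions: (name, tcp_port, scope).
EXCEPTIONS = [
    ("File and Printer Sharing", 139, "subnet"),
    ("File and Printer Sharing", 445, "subnet"),
    ("Remote Desktop", 3389, "disabled"),
]

def in_local_subnet(remote_ip, routes):
    """True if remote_ip falls inside any prefix the host treats as on-link."""
    addr = ipaddress.ip_address(remote_ip)
    return any(addr in ipaddress.ip_network(prefix) for _, prefix in routes)

def reachable_ports(remote_ip, routes, exceptions=EXCEPTIONS):
    """Ports whose 'My network (subnet) only' exception admits remote_ip."""
    local = in_local_subnet(remote_ip, routes)
    return sorted(port for _, port, scope in exceptions
                  if scope == "subnet" and local)

def overbroad_routes(routes, min_prefixlen=8):
    """Audit check: on-link prefixes too wide to be a real local subnet.

    min_prefixlen=8 is an arbitrary threshold chosen for this example.
    """
    return [(iface, prefix) for iface, prefix in routes
            if ipaddress.ip_network(prefix).prefixlen < min_prefixlen]

if __name__ == "__main__":
    internet_host = "203.0.113.7"  # documentation-range address, constructed
    for label, routes in (("LAN only", LAN_ROUTES), ("dial-up", DIALUP_ROUTES)):
        print(label,
              "| ports open to", internet_host, "->",
              reachable_ports(internet_host, routes),
              "| over-broad on-link routes ->", overbroad_routes(routes))
```
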