VID 26118
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (KB885834) for the buffer overflow vulnerability in the License Logging Service has not been applied. Microsoft's License Logging Service (LLS) assists in the management of licenses for some Microsoft server products. An error in the way that the LLS handles an unchecked buffer results in a vulnerability. An attacker with the ability to send a specially crafted message to the LLS could exploit this vulnerability to execute code of their choosing or cause a denial of service. On affected versions of Windows NT and Windows 2000 Server, a remote attacker may be able to execute arbitrary code with Local System privileges on a vulnerable system. Microsoft reports that exploitation of this vulnerability on Windows Server 2003 systems causes the License Logging Service to crash, resulting in a denial of service on that platform.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/ms05-010.mspx
http://www.kb.cert.org/vuls/id/130433
http://xforce.iss.net/xforce/alerts/id/186

* Platforms Affected:
Microsoft Windows NT 4.0 Server Any version
Microsoft Windows 2000 Any version SP4
Microsoft Windows 2003 Server Any version
Recommendation Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS05-010 at http://www.microsoft.com/technet/security/bulletin/ms05-010.mspx

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2004-0597,CVE-2004-1244 (CVE)
Related URL 12485,12506 (SecurityFocus)
Related URL 16894,19096,19252 (ISS)