| VID |
26119 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix(KB885250) for 'Vulnerability in Microsoft Windows SMB' has not been applied. The Microsoft Server Message Block (SMB) are network protocols that Windows operating system uses to share files, printers, serial ports, and communicate between computers. Microsoft Windows 2003, Windows 2000, and Windows XP could allow a remote attacker to execute arbitrary code on the system, caused by improper validation of SMB (Server Message Block) packets. This vulnerability exists in the way that the affected operating systems validate certain incoming SMB packets. An unauthenticated remote attacker may be able to exploit this vulnerability by sending specially-crafted SMB packets to a vulnerable system.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.kb.cert.org/vuls/id/652537
http://xforce.iss.net/xforce/alerts/id/186
http://www.microsoft.com/technet/security/bulletin/ms05-011.mspx
* Platforms Affected:
Microsoft Windows 2000 Any version SP4
Microsoft Windows XP 64-Bit Ed2003
Microsoft Windows XP 64-Bit SP1
Microsoft Windows XP Any version SP2
Microsoft Windows 2003 Server Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS05-011 at http://www.microsoft.com/technet/security/bulletin/ms05-011.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2005-0050 (CVE) |
| Related URL |
12481 (SecurityFocus) |
| Related URL |
19101 (ISS) |
|
