| VID |
28073 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Windows host appears to have the 'Unchecked Buffer in the Microsoft ASN.1 Library' vulnerability. Abstract Syntax Notation 1 (ASN.1) is a data standard used by many applications and devices in the technology industry to normalize and interpret data across various platforms. Microsoft Windows NT, Windows 2000, Windows XP, and Windows Server 2003 are vulnerable to a buffer overflow in Microsoft's implementation of the ASN.1 library. A remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code with system privileges. Because this library is widely used by Windows security subsystems, the vulnerability can be exposed through an array of avenues, including Kerberos, NTLMv2 authentication, and applications that make use of certificates (SSL, digitally-signed e-mail, signed ActiveX controls, etc.).
* References: http://www.microsoft.com/technet/security/bulletin/ms04-007.asp http://www.eeye.com/html/Research/Advisories/AD20040210.html http://www.eeye.com/html/Research/Advisories/AD20040210-2.html
* Platforms Affected: Microsoft Windows XP, Microsoft Windows 2000 Any version, Microsoft Windows NT 4.0, Microsoft Windows NT 4.0 TSE, Microsoft Windows Server 2003 Any version |
| Recommendation |
Apply the appropriate patch (KB828028) for your system, as listed in the Microsoft Security Bulletin MS04-007 at http://www.microsoft.com/technet/security/bulletin/ms04-007.asp
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0818 (CVE) |
| Related URL |
9633,9635 (SecurityFocus) |
| Related URL |
15039 (ISS) |
|