| VID |
28074 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
Messenger |
| Detailed Description |
MSN Messenger is installed on the host and has an information disclosure vulnerability. MSN (Microsoft Network) Messenger is an instant messaging client program for Windows platforms that Internet users can use to chat and exchange files. MSN Messenger versions 6.0 and 6.1 could allow a remote attacker to read any local file to which the user has read access, caused by improper handling of file requests. A remote attacker could exploit this vulnerability by sending a specially crafted request to a user running MSN Messenger. If exploited successfully, the attacker could view the contents of a file on the hard drive without the user's knowledge as long as the attacker knew the location of the file and the user had read access to the file. To exploit this vulnerability, an attacker would have to know the sign-on name of the MSN Messenger user in order to send the request, and if the 'All Others' option is enabled on the block list, the user's allow list must include the attacker's messenger account.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.kb.cert.org/vuls/id/688094
* Platforms Affected: Microsoft MSN Messenger 6.0; Microsoft MSN Messenger 6.1; Microsoft Windows Any version |
| Recommendation |
Uninstall MSN Messenger if instant messaging services are not permitted by your corporate mandates and security policies or if Yahoo! Messenger is not needed on the target system.
-- OR --
Apply the appropriate patch for this vulnerability, as listed in Microsoft Security Bulletin MS04-010 at http://www.microsoft.com/technet/security/bulletin/ms04-010.mspx |
| Related URL |
CVE-2004-0122 (CVE) |
| Related URL |
9828 (SecurityFocus) |
| Related URL |
15415 (ISS) |
|