 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.100608 |
| Kategorie: | Buffer overflow |
| Titel: | Windows NT NNTP Component Buffer Overflow |
| Zusammenfassung: | The Network News Transfer Protocol (NNTP) component of Microsoft; Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003,; Exchange 2000 Server, and Exchange Server 2003 allows remote attackers; to execute arbitrary code via XPAT patterns, possibly related to; improper length validation and an unchecked buffer, leading to; off-by-one and heap-based buffer overflows. |
| Beschreibung: | Summary: The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an unchecked buffer, leading to off-by-one and heap-based buffer overflows. Solution: Microsoft has released a bulletin that includes fixes to address this issue for supported versions of the operating system. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0574 Bugtraq: 20041012 CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109761632831563&w=2 CERT/CC vulnerability note: VU#203126 http://www.kb.cert.org/vuls/id/203126 Computer Incident Advisory Center Bulletin: P-012 http://www.ciac.org/ciac/bulletins/p-012.shtml http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10 Microsoft Security Bulletin: MS04-036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926 XForce ISS Database: win-ms04036-patch(17661) https://exchange.xforce.ibmcloud.com/vulnerabilities/17661 XForce ISS Database: win-nntp-bo(17641) https://exchange.xforce.ibmcloud.com/vulnerabilities/17641 |
| Copyright | Copyright (C) 2010 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |