Family: Windows : Microsoft Bulletins --> Category: infos
NetBIOS Name Service Reply Information Leakage (824105) (registry check) Vulnerability Scan
Vulnerability Scan Summary
Checks the remote registry for MS03-034
Detailed Explanation for this Vulnerability Test
Random portions of memory may be disclosed thru the NetBIOS name service.
The remote host is running a version of the NetBT name
service which suffers from a memory disclosure problem.
A possible hacker may send a special packet to the remote NetBT name
service, and the reply will contain random arbitrary data from
the remote host memory. This arbitrary data may be a fragment from
the web page the remote user is viewing, or something more serious
like a POP password or anything else.
A possible hacker may use this flaw to continuously 'poll' the content
of the memory of the remote host and might be able to obtain sensitive
Microsoft has released a set of patches for Windows NT, 2000, XP ans 2003 :
High / CVSS Base Score : 8
Click HERE for more information and discussions on this network vulnerability scan.