Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Unchecked Buffer in Universal Plug and Play can Lead to System Compromise Vulnerability Scan

Vulnerability Scan Summary
Acertains the presence of hotfix Q315000

Detailed Explanation for this Vulnerability Test

Synopsis :

The Universal Plug and Play service on the remote host is prone to
denial of service and buffer overflow attacks.

Description :

Using a specially-crafted NOTIFY directive, a remote attacker can
cause code to run in the context of the Universal Plug and Play, UPnP,
subsystem or possibly lead to a denial of service attack against the
affected host. Note that under Windows XP, the UPnP subsystem
operates with SYSTEM rights.

Solution :

Microsoft has released a set of patches for Windows 98, 98SE, ME, and XP :

Threat Level:

Critical / CVSS Base Score : 10

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.