Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows --> Category: infos

Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) - Network Check Vulnerability Scan

Vulnerability Scan Summary
Acertains the presence of update 899588 (network check)

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code can be executed on the remote host due to a flaw in the
Plug-And-Play service.

Description :

The remote version of Windows contains a flaw in the function
PNP_QueryResConfList() in the Plug and Play service which may allow an
attacker to execute arbitrary code on the remote host with the SYSTEM

A series of worms (Zotob) are known to exploit this vulnerability in the

Solution :

Microsoft has released a set of patches for Windows 2000, XP and 2003 :

Threat Level:

Critical / CVSS Base Score : 10

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.