|
Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) Vulnerability Scan
Vulnerability Scan Summary Acertains the presence of update 899589
Detailed Explanation for this Vulnerability Test
Synopsis :
A flaw in the client service for NetWare may allow a possible hacker to execute
arbitrary code on the remote host.
Description :
The remote host contains a version of the Client Service for NetWare which
is vulnerable to a buffer overflow.
A possible hacker may exploit this flaw by connecting to the NetWare RPC service
(possibly over IP) and trigger the overflow by sending a malformed RPC
request.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms05-046.mspx
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|