SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#445214

Microsoft Windows Internet Naming Service (WINS) fails to properly validate the length of specially crafted packets

Overview

Microsoft Windows Internet Naming Service (WINS) fails to properly validate the length of specially crafted packets which could allow an unauthenticated, remote attacker to cause a denial-of-service condition.

I. Description

The Windows Internet Naming Service (WINS) maps IP addresses to NETBIOS computer names. There is a vulnerability in the way WINS validates the length of specially crafted packets. This could allow an attacker to cause WINS to crash.

According to Microsoft, this vulnerability will only cause a denial of service on Windows Server 2003. While the vulnerable code exists in Windows NT and Windows 2000, WINS will reject the specially crafted packet thus not causing a denial of service.

II. Impact

On Windows Server 2003, an unauthenticated, remote attacker could cause WINS to crash.

III. Solution

Apply Patch

Apply the patch (830352) referenced in Microsoft Security Bulletin MS04-006.

Block or restrict access

As a temporary measure, it is possible to limit the scope of this vulnerability by blocking access to ports used to initiate a connection with a remote WINS server at the network perimeter. These are typically ports 42/tcp and 137/udp. Please note that this workaround does not protect vulnerable WINS servers from internal attacks.

Disable vulnerable service

Disable WINS until a patch can be applied. As a best practice, the CERT/CC recommends disabling all services that are not explicitly required.

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationVulnerable23-Feb-2004

References


http://www.microsoft.com/technet/security/bulletin/MS04-006.asp
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/entserver/sag_WINS_ovr_WhatIs.asp

Credit

This vulnerability was reported by Microsoft. Microsoft, in turn, credits Qualys for discovering this vulnerability.

This document was written by Damon Morda.

Other Information

Date Public:2004-02-10
Date First Published:2004-02-23
Date Last Updated:2004-02-23
CERT Advisory: 
CVE-ID(s):CAN-2003-0825
NVD-ID(s):CAN-2003-0825
US-CERT Technical Alerts: 
Metric:2.62
Document Revision:21

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2004 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader