Vulnerability Note VU#638548

Microsoft Windows SSP interface fails to properly validate value used during authentication protocol selection

Original Release date: 14 Apr 2004 | Last revised: 14 Apr 2004


A remotely exploitable vulnerability in Microsoft's Negotiate Security Software Provider (SSP) interface could permit an attacker to execute arbitrary code on the system.


Microsoft's Negotiate Security Software Provider (SSP) interface contains a buffer overflow in its processing of data sent for authentication protocol selection. An unauthenticated remote attacker could send a malicious request to the SSP service to exploit this vulnerability. The following systems are affected:

  • Windows XP
  • Windows Server 2003
  • Windows 2000
  • Systems running Internet Information Services (IIS)


An unauthenticated remote attacker could cause a denial-of-service situation, or potentially execute arbitrary code on the system with "SYSTEM" privileges.


Apply a patch from the vendor

Microsoft Security Bulletin MS04-011 contains patch information to resolve this issue.

Systems Affected

Vendor                 Status    Date Notified  Date Updated
Microsoft Corporation  Affected  -              14 Apr 2004

CVSS Metrics

Group          Score  Vector
Base           N/A    N/A
Temporal       N/A    N/A
Environmental  N/A    N/A



Thanks to Microsoft for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: CAN-2004-0119
  • Date Public: 13 Apr 2004
  • Date First Published: 14 Apr 2004
  • Date Last Updated: 14 Apr 2004
  • Severity Metric: 30.12
  • Document Revision: 3

