MS00-047: NetBIOS Name Server Protocol Spoofing patch (269239)

This script is Copyright (C) 2000-2013 Tenable Network Security, Inc.


Synopsis :

It is possible to spoof the NetBIOS name.

Description :

The hotfix for the 'NetBIOS Name Server Protocol Spoofing' problem
has not been applied.

This vulnerability allows a malicious user to make this host think
that its name has already been taken on the network, thus preventing
it from functioning properly as an SMB server (or client).

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms00-047
http://support.microsoft.com/support/kb/articles/q299/4/44.asp

Solution :

Microsoft has released a set of patches for Windows NT and 2000.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 10482 ()

Bugtraq ID: 1514
1515

CVE ID: CVE-2000-0673