MS03-034: NetBIOS Name Service Reply Information Leakage (824105) (credentialed check)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

Random portions of memory may be disclosed through the NetBIOS name
service.

Description :

The remote host is running a version of the NetBT name service that
suffers from a memory disclosure problem.

An attacker could send a special packet to the remote NetBT name
service, and the reply will contain arbitrary data from the remote
host's memory. This data may be a fragment of the web page the remote
user is viewing, or something more serious such as a POP password or
anything else.

An attacker may use this flaw to continuously 'poll' the content of the
memory of the remote host and might be able to obtain sensitive
information.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms03-034

Solution :

Microsoft has released a set of patches for Windows NT, 2000, XP and
2003.

Risk factor :

Low / CVSS Base Score : 3.3
(CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 2.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 16299

Bugtraq ID: 8532

CVE ID: CVE-2003-0661