Microsoft Windows NT WINS Service Malformed Data DoS

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.


Synopsis :

The remote service is vulnerable to denial of service.

Description :

We could crash the remote WINS server by sending it a lot of UDP packets containing
random data.

If you do not use WINS, then deactivate this server.

An attacker may use this flaw to bring down your NT network.

See also :

http://safenetworks.com/Windows/wins.html

Solution :

Upgrade Windows NT to SP5 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 10315 ()

Bugtraq ID: 298

CVE ID: CVE-1999-0288

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now