Detections
Analytics
MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302) (uncredentialed check)
medium Nessus Plugin ID 16337
Synopsis
System information about the remote host can be obtained by an anonymous user.Description
The remote version of Windows contains a flaw that may allow an attacker to cause it to disclose information over the use of a named pipe through a NULL session.An attacker may exploit this flaw to gain more knowledge about the remote host.
Solution
Microsoft has released a set of patches for Windows XP.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2005/ms05-007
Plugin Details
Severity: Medium
ID: 16337
File Name: smb_kb888302.nasl
Version: 1.25
Type: local
Agent: windows
Family: Windows
Published: 2/10/2005
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.7
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 2/8/2005
Reference Information
CVE: CVE-2005-0051
BID: 12486
MSFT: MS05-007
MSKB: 888302