Microsoft Windows NT WINS Service Malformed Data DoS

Medium Nessus Plugin ID 10315


The remote service is vulnerable to denial of service.


We could crash the remote WINS server by sending it a lot of UDP packets containing random data.

If you do not use WINS, then deactivate this server.

An attacker may use this flaw to bring down your NT network.


Upgrade Windows NT to SP5 or later.

See Also

Plugin Details

Severity: Medium

ID: 10315

File Name: wins_udp_flood.nasl

Version: $Revision: 1.24 $

Type: remote

Agent: windows

Family: Windows

Published: 1999/08/30

Modified: 2016/11/29

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 1999/06/04

Reference Information

CVE: CVE-1999-0288

BID: 298

OSVDB: 967