MS03-049: Buffer Overflow in the Workstation Service (828749)
Critical Nessus Plugin ID 11921
SynopsisArbitrary code can be executed on the remote host.
DescriptionThe remote version of Windows contains a flaw in the function NetpValidateName() in the WorkStation service that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges.
A series of worms (Welchia, Spybot, ...) are known to exploit this vulnerability in the wild.
SolutionMicrosoft has released a set of patches for Windows 2000 and XP.