The remote host appears to be running Microsoft Windows 95/98

The version of Windows installed on the remote host is vulnerable to the 'winpopups' or 'rfparalyze' denial of service. A user can leverage this issue to crash the remote host.

Note that Nessus crashed the remote host to test this flaw.

It was possible to crash the remote Microsoft Media Server by sending it specially crafted packets.

It was possibly to crash the remote telnet server by sending a very long user name.  A remote attacker could exploit this to crash the server, or possibly execute arbitrary code.

An 'rfpoison' packet has been sent to the remote host. This packet is supposed to crash the 'services.exe' process, making the system unstable.

The remote host is listening on UDP port 137 or TCP port 445, and replies to NetBIOS nbtscan or SMB requests.

Note that this plugin gathers information to be used in other plugins, but does not itself generate a report.

We could crash the remote WINS server by sending it a lot of UDP packets containing random data.

If you do not use WINS, then deactivate this server.

An attacker may use this flaw to bring down your NT network.

We could make the remote PPTP host crash by telnetting to port 1723, and sending garbage followed by the character ^D. (control-d).

An attacker may use this flaw to deny service.

It was possible to crash the remote Progressive Networks Real Video Server by sending it specially crafted data.

An attacker may use this flaw to prevent you from sharing sound and video.

It was possible to crash the remote system using the 'oshare' attack.

An attacker may use this problem to prevent your site from working properly.

The remote POP3 server, which is probably part of WinGate, could be crashed with the following command :

    USER x#999(...)999

This problem may prevent users on your network from retrieving their emails.

The remote Wingate service can be forced to connect to itself continually until it runs out of buffers. When this happens, the telnet proxy service will be disabled.

An attacker may block your telnet proxy this way, thus preventing your system from working properly if you need telnet. An attacker may also use this flaw to force your systems to use another proxy which may be under the attacker's control.

Wingate is a program that allows a Windows98 computer to act as a proxy.
Unfortunately, the default configuration is too permissive and allows anyone to use this computer to connect anywhere, thus hiding the real IP address.

This WinGate server does not ask for any passwords, and thus can be used by an attacker from anywhere as a telnet relay.

iParty is an audio/text chat program for Windows. The iParty server listens on port 6004 for client requests. If someone connects to it and sends a large amount of ASCII 255 chars, the server will close itself and disconnect all the current users.

ID	Name	Severity
10392	Microsoft Windows NetBIOS NULL Source Name Remote DoS	high
10289	MS00-013: Microsoft Windows Media Server Malformed Handshake Sequence DoS (253943) (intrusive check)	medium
10026	BFTelnet Username Handling Remote Overflow DoS	critical
10204	Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS	medium
10150	Windows NetBIOS / SMB Remote Host Information Disclosure	info
10315	Microsoft Windows NT WINS Service Malformed Data DoS	medium
10313	Microsoft Windows PPTP Server Malformed Control Packet Remote DoS (179107)	medium
10183	Real Video Server Telnet Malformed Data Remote DoS	medium
10170	Microsoft Windows 98 Malformed oshare Packet DoS	high
10311	WinGate Proxy POP3 USER Overflow	medium
10310	WinGate Telnet Proxy localhost Connection Saturation DoS	medium
10309	WinGate Passwordless Default Installation	high
10111	iParty Client Extended Character Handling Remote Overflow DoS	medium

Detections

Analytics

Windows Family for Nessus

high

medium

critical

medium

info

medium

medium

medium

high

medium

medium

high

medium