NetBIOS Name Service Reply Information Disclosure
Medium Nessus Network Monitor Plugin ID 1922
SynopsisThe remote host is vulnerable to a flaw that allows attackers to disclose memory.
DescriptionThe remote host is running a version of the NetBT name service which suffers from a memory disclosure problem.
An attacker may send a special packet to the remote NetBT name service, and the reply will contain random arbitrary data from the remote host memory. This arbitrary data may be a fragment from the web page the remote user is viewing, or something more serious like a cleartext password.
An attacker may use this flaw to continuously 'poll' the content of the memory of the remote host and might be able to obtain sensitive information.
SolutionContact the vendor for a patch or disable NetBIOS over TCP if it is not required.