NetBIOS Name Service Reply Information Disclosure

Medium Nessus Network Monitor Plugin ID 1922

Synopsis

The remote host is vulnerable to a flaw that allows attackers to disclose memory.

Description

The remote host is running a version of the NetBT name service which suffers from a memory disclosure problem.
An attacker may send a special packet to the remote NetBT name service, and the reply will contain random arbitrary data from the remote host memory. This arbitrary data may be a fragment from the web page the remote user is viewing, or something more serious like a cleartext password.
An attacker may use this flaw to continuously 'poll' the content of the memory of the remote host and might be able to obtain sensitive information.

Solution

Contact the vendor for a patch or disable NetBIOS over TCP if it is not required.

See Also

http://www.securityfocus.com/bid/8532

Plugin Details

Severity: Medium

ID: 1922

Family: Generic

Published: 2004/08/20

Modified: 2018/09/16

Dependencies: 2750, 2757

Nessus ID: 11830

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Reference Information

CVE: CVE-2003-0661

BID: 8532