[Openvas-discuss] false positive: Microsoft MS03-034

Reindl Harald h.reindl at thelounge.net
Sun Sep 1 11:09:53 CEST 2013


Medium (CVSS: 5.0)
NVT: Microsoft MS03-034 security check (OID: 1.3.6.1.4.1.25623.1.0.101015)
netbios-ns (137/tcp)

how can this be on a full patched Windows Server 2008 R2 with no
single port open on the management-interface except 3389?

the links in the openvas-result are all for Windows NT/XP/2003 and
this issue was wrongly reported month ago the first time and
in the meantime fixed
______________________________________

Under certain conditions, the response to a NetBT Name Service query may, in addition to t↵
he typical reply,
contain random data from the target system's memory. This data could, for example, be a se↵
gment of HTML
if the user on the target system was using an Internet browser, or it could contain other ↵
types of data
that exist in memory at the time that the target system responds to the NetBT Name Service↵
 query.
An attacker could seek to exploit this vulnerability by sending a NetBT Name Service query↵
 to the target system
and then examine the response to see if it included any random data from that system's mem↵
ory.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20130901/184a5ffd/attachment.asc>


More information about the Openvas-discuss mailing list