{"vuid":"VU#378160","idnumber":"378160","name":"Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow","keywords":["Microsoft","Windows Internet Naming Service","WINS","computer name validation","remote code execution"],"overview":"A buffer overflow in the WINS service may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.","clean_desc":"The Microsoft WINS service maps IP addresses to NETBIOS computer names.The WINS protocol contains a vulnerability that may allow a remote attacker to compromise a WINS server. Insufficient validation on the name parameter within incoming WINS packets allows a buffer overflow to occur. If a remote attacker supplies a specially crafted packet to a vulnerable WINS server, that attacker may be able to exploit the buffer overflow to execute arbitrary code. According to Microsoft Security Bulletin MS04-045 the following Microsoft products are vulnerable: Microsoft Windows NT Server 4.0 Service Pack 6a\n\tMicrosoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6\n\tMicrosoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4\n\tMicrosoft Windows Server 2003\n\tMicrosoft Windows Server 2003 64-Bit Edition\nFor more detailed information please refer to Microsoft Security Bulletin MS04-045.","impact":"A remote attacker may be able to execute arbitrary code with SYSTEM privileges or cause a denial-of-service condition.","resolution":"Apply Patch Microsoft has released Microsoft Security Bulletin MS04-045 to address this issue. Users are encouraged to review this bulletin and apply the patches it refers to.","workarounds":"Consider Workarounds in MS04-045 Removing the WINS service if it is not needed\nBlocking TCP and UDP port 42\nUsing IPsec as a communication protocol between WINS servers For more detailed information please see Microsoft Knowledge Base Article 890710 and Microsoft Security Bulletin MS04-045.","sysaffected":"","thanks":"Thanks to Microsoft Security for reporting this vulnerability. Microsoft credits Kostya Kortchinsky\n of CERT RENATER with reporting this vulnerability.","author":"This document was written by Jeff Gennari.","public":["http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx","http://secunia.com/advisories/13466/"],"cveids":["CVE-2004-0567"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-12-14T19:29:05Z","publicdate":"2004-12-14T00:00:00Z","datefirstpublished":"2004-12-16T21:34:15Z","dateupdated":"2004-12-16T21:34:27Z","revision":40,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"10","cam_internetinfrastructure":"12","cam_population":"15","cam_impact":"19","cam_easeofexploitation":"8","cam_attackeraccessrequired":"15","cam_scorecurrent":"23.72625","cam_scorecurrentwidelyknown":"26.9325","cam_scorecurrentwidelyknownexploited":"33.345","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":23.72625,"vulnote":null}