Summary
Under certain conditions, the response to a NetBT Name Service query may, in addition to the typical reply, contain random data from the target system's memory. This data could, for example, be a segment of HTML if the user on the target system was using an Internet browser, or it could contain other types of data that exist in memory at the time that the target system responds to the NetBT Name Service query. An attacker could seek to exploit this vulnerability by sending a NetBT Name Service query to the target system and then examine the response to see if it included any random data from that system's memory.
Solution
Microsoft has released a patch to fix this issue, download it from the following website:
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=A59CC2AC-F182-4CD5-ACE7-3D4C2E3F1326&displaylang=en
Windows Server 2003 64 bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=140CF7BE-0371-4D17-8F4C-951B76AC3024&displaylang=en
Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyId=1C9D8E86-5B8C-401A-88B2-4443FFB9EDC3&displaylang=en
Windows XP 64 bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=378D4B58-BF2C-4406-9D88-E6A3C4601795&displaylang=en
Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyId=D0564162-4EAE-42C8-B26C-E4D4D496EAD8&displaylang=en
Windows NT Server 4.0
http://www.microsoft.com/downloads/details.aspx?FamilyId=F131D63A-F74F-4CAF-95BD-D7FA37ADCF38&displaylang=en
Windows NT Server 4.0, Terminal Server Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=22379951-64A9-446B-AC8F-3F2F080383A9&displaylang=en
Severity
Classification
-
CVE CVE-2003-0661 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
- Microsoft Remote Desktop Tampering Vulnerability (2969259)
- Microsoft MS00-058 security check
- Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
- Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)