Microsoft NNTP server prior 5.0.2195 and prior 6.0.3790 long message buffer overflow 1.0
 
Plugin ID: 313
Plugin name: Microsoft NNTP server prior 5.0.2195 and prior 6.0.3790 long message buffer overflow
Plugin filename: Microsoft NNTP server prior 5.0.2195 and prior 6.0.3790 long message buffer overflow.plugin
Plugin filesize: 3551 bytes
Plugin family: Windows
Plugin created name: Marc Ruef
Plugin created email: marc.ruef at computec.ch
Plugin created web: http://www.computec.ch
Plugin created company: computec.ch
Plugin created date: 2005/01/05
Plugin version: 1.0
Plugin protocol: tcp
Plugin port: 119
Plugin procedure detection: open|sleep|close|pattern_exists 200 NNTP Service *5.0.[0-1]* OR 200 NNTP Service *5.0.20[0-8]* OR 200 NNTP Service *5.0.209[0-4]* OR 200 NNTP Service *6.0.[0-2]* OR 200 NNTP Service *6.0.3[0-6]* OR 200 NNTP Service *6.0.37[0-8]*
Plugin detection accuracy: 85
Plugin comment: The NASL script is Copyright (C) 2004 Tenable Network Security
Bug published name: Lucas Lavarello and Juliano Rizzo
Bug published web: http://www.coresecurity.com
Bug published company: Core Security Technologies
Bug published date: 2004/10/12
Bug advisory: http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
Bug produced name: Microsoft
Bug produced email: info at microsoft dot com
Bug produced web: http://www.microsoft.com
Bug affected: Microsoft NNTP server prior 5.0.2195 and prior 6.0.3790
Bug vulnerability class: Buffer Overflow
Bug description: The remote host is running a version of Microsoft NNTP server which is vulnerable to a buffer overflow issue. An attacker may exploit this flaw to execute arbitrary commands on the remote host with the privileges of the NNTP server process.
Bug solution: See http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
Bug fixing time: Approx. 20 minutes
Bug exploit availability: Yes
Bug exploit url: http://www.securiteam.com/windowsntfocus/6T00C0UBGU.html
Bug remote: Yes
Bug local: Yes
Bug severity: High
Bug popularity: 8
Bug simplicity: 7
Bug impact: 9
Bug risk: 8
Bug Nessus risk: High
Bug check tools: Nessus can check this flaw with the plugin 15465 (MS NNTP Vulnerability (883935)). An exploit has been published on SecuriTeam.com.
Source CVE: CVE-2004-0574
Source SecurityFocus BID: 11379
Source Secunia ID: 12802
Source SecuriTeam URL: http://www.securiteam.com/windowsntfocus/6T00C0UBGU.html
Source Security Tracker ID: 1011631
Source scipID: 883
Source Heise News: 52083
Source Heise Security: 52083
Source Nessus ID: 15465
Source Microsoft Security Bulletin ID: MS04-036
Source Literature: Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.: 2004-A-0018

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.