Reverend
September 3rd, 2003, 22:53 PM
Flaw in NetBIOS Could Lead to Information Disclosure
A security issue has been identified in Microsoft Windows that could allow an attacker to see information in your computer’s memory over a network. This vulnerability involves one of the NetBIOS over TCP/IP (NetBT) services, the NetBIOS Name Server (NBNS). With this service, you can find a computer's IP address by using its NetBIOS name, and vice versa.
Affected Software:
Microsoft Windows NT 4.0® Server
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server™ 2003
Severity level: Low
:arrow: Download: Server 2003 (http://www.microsoft.com/downloads/details.aspx?FamilyId=A59CC2AC-F182-4CD5-ACE7-3D4C2E3F1326&displaylang=en) | Server 2003 64 bit Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=140CF7BE-0371-4D17-8F4C-951B76AC3024&displaylang=en) | XP (http://www.microsoft.com/downloads/details.aspx?FamilyId=1C9D8E86-5B8C-401A-88B2-4443FFB9EDC3&displaylang=en) | XP 64 bit Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=378D4B58-BF2C-4406-9D88-E6A3C4601795&displaylang=en) | 2000 (http://www.microsoft.com/downloads/details.aspx?FamilyId=D0564162-4EAE-42C8-B26C-E4D4D496EAD8&displaylang=en) | NT 4 Server (http://www.microsoft.com/downloads/details.aspx?FamilyId=F131D63A-F74F-4CAF-95BD-D7FA37ADCF38&displaylang=en) | NT 4 Terminal Server Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=22379951-64A9-446B-AC8F-3F2F080383A9&displaylang=en)
:arrow: View: Microsoft Security Bulletin MS03-034 (http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-034.asp)
:arrow: View: Microsoft Knowledge Base Article - 824105 (http://support.microsoft.com/default.aspx?scid=kb;en-us;824105)
A security issue has been identified in Microsoft Windows that could allow an attacker to see information in your computer’s memory over a network. This vulnerability involves one of the NetBIOS over TCP/IP (NetBT) services, the NetBIOS Name Server (NBNS). With this service, you can find a computer's IP address by using its NetBIOS name, and vice versa.
Affected Software:
Microsoft Windows NT 4.0® Server
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server™ 2003
Severity level: Low
:arrow: Download: Server 2003 (http://www.microsoft.com/downloads/details.aspx?FamilyId=A59CC2AC-F182-4CD5-ACE7-3D4C2E3F1326&displaylang=en) | Server 2003 64 bit Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=140CF7BE-0371-4D17-8F4C-951B76AC3024&displaylang=en) | XP (http://www.microsoft.com/downloads/details.aspx?FamilyId=1C9D8E86-5B8C-401A-88B2-4443FFB9EDC3&displaylang=en) | XP 64 bit Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=378D4B58-BF2C-4406-9D88-E6A3C4601795&displaylang=en) | 2000 (http://www.microsoft.com/downloads/details.aspx?FamilyId=D0564162-4EAE-42C8-B26C-E4D4D496EAD8&displaylang=en) | NT 4 Server (http://www.microsoft.com/downloads/details.aspx?FamilyId=F131D63A-F74F-4CAF-95BD-D7FA37ADCF38&displaylang=en) | NT 4 Terminal Server Edition (http://www.microsoft.com/downloads/details.aspx?FamilyId=22379951-64A9-446B-AC8F-3F2F080383A9&displaylang=en)
:arrow: View: Microsoft Security Bulletin MS03-034 (http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-034.asp)
:arrow: View: Microsoft Knowledge Base Article - 824105 (http://support.microsoft.com/default.aspx?scid=kb;en-us;824105)