Flaw in NetBIOS Could Lead to Information Disclosure -824105

[dautaydo]

Flaw in NetBIOS Could Lead to Information Disclosure -824105



A security issue has been identified in Microsoft� Windows� that could allow an attacker to see information in your computer�s memory over a network. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.



Impact: Run code of attackers choice

Max Risk: Critical

Bulletin: MS03-037

Download: Flaw in NetBIOS Could Lead to Information Disclosure Patch



Affected Software:

• Microsoft Windows NT 4.0� Server
• Microsoft Windows NT 4.0, Terminal Server Edition
• Microsoft Windows 2000
• Microsoft Windows XP
• Microsoft Windows Server� 2003
  
  
  
  Not Affected Software:
• Microsoft Windows Millennium Edition

More Information:

1. Flaw in NetBIOS Could Lead to Information Disclosure (824105) Affected Software: Microsoft Windows NT 4
2. This update addresses the MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure (824105)Security Update for Windows XP Embedded with SP1 (824105)
3. MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure
4. 824105 MS03-034: Flaw in NetBIOS could lead to information disclosure Networking 824396 A Memory Card Device May Not Be Enumerated on Windows XP Networking
5. Windows Security Bulletin MS05-042, Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)
6. Product = WINDOWS XP SP1, BulletinTitle = Flaw in NetBIOS Could Lead to
7. Flaw in NetBIOS Could Lead to Information Disclosure (824105): This vulnerability involves one of the NetBT (NetBIOS over TCP) services, namely, the
8. For more information, visit the following Microsoft Web site: NetBIOS over TCP/IP (NetBT) concepts
9. 819696 MS03-030: Unchecked Buffer in DirectX Could Enable System Compromise; 824105 MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure

More:

• [VIRUS] W32/Sobig-F
• NET. Messenger update email.
• [VIRUS] W32/Dumaru-A
• [VIRUS] W32/Blaster-D
• DirectX attack expected - patch Windows now
• [VIRUS] W32/Nachi-A
• After installing the Blaster patch ...
• Link to MS latest security patch
• Check your systems shields
• Blaster virus symptoms ???

[deChat]

Thanks. I'm doing some research on NetBIOS and WINS related to XP and Windows 2003 Server and the security bulletin comes at a good time.

More Information:

1. ECHO Installing 824105 Security Update ECHO Flaw in NetBIOS Could Lead to Information Disclosure
2. MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure (824105) (uncredentialed check)
3. An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have an open connection
4. Denial of Service 11616 DBTools DBManager Information Disclosure 10906 Users in the 'Replicator' group 14644 Xedus detection 11144 Flaw in Certificate
5. Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350), STORAGEWORKS NAS is not affected
6. 824105 MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure 824141 MS03-045: Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution 824145 832894 MS03-048: November 2003 Cumulative
7. MS03-034, Flaw in NetBIOS Could Lead to Information Disclosure (824105)
8. Flaw in NetBIOS Could Lead to Information Disclosure (824105) Originally posted: September 03, 2003
9. 817787 MS03-017: Flaw in Windows Media Player Skins Downloading could allow Code Execution; 817606 MS03-024: Buffer Overrun in Windows Could Lead to Data Corruption