Vulnerability in the Windows Internet Naming Service (WINS)

Issued: February 10, 2004 - Version Number: 1.0 - Impact of vulnerability: Remote Code Execution - Maximum Severity Rating: Important

Affected Software: Windows NT4/2000/2003 SERVER

Overview:

A security vulnerability exists in the Windows Internet Naming Service (WINS). This vulnerability exists because of the method that WINS uses to validate the length of specially-crafted packets. On Windows Server 2003 this vulnerability could allow an attacker who sent a series of specially-crafted packets to a WINS server to cause the service to fail. Most likely, this could cause a denial of service, and the service would have to be manually restarted to restore functionality.

Download: Microsoft Windows Server 2003 Patch | NT4 Server SP6a Patch | Windows2000 (all versions)

Report a problem with article
Next Article

Apple investigates iPod batteries

Previous Article

Cumulative Security Update for Internet Explorer (832894)