Windows : Vulnerability in NetDDE Could Allow Code Execution (841533)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.15456

Categoría: Windows

Título: Vulnerability in NetDDE Could Allow Code Execution (841533)

Resumen: NOSUMMARY

Descripción: Description:

The remote version of Windows is affected by a vulnerability in
Network Dynamic Data Exchange (NetDDE).

To exploit this flaw, NetDDE would have to be running and an attacker
with a specific knowledge of the vulnerability would need to send a malformed
NetDDE message to the remote host to overrun a given buffer.

Solution : http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx
Risk factor : High

Referencia Cruzada: BugTraq ID: 11372
Common Vulnerability Exposure (CVE) ID: CVE-2004-0206
http://www.securityfocus.com/bid/11372
Bugtraq: 20041013 Microsoft Windows NetDDE Service Buffer Overflow (Google Search)
http://marc.info/?l=bugtraq&m=109786703930674&w=2
CERT/CC vulnerability note: VU#640488
http://www.kb.cert.org/vuls/id/640488
Microsoft Security Bulletin: MS04-031
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1852
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2394
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3120
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3242
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4592
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5074
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6788
http://secunia.com/advisories/12803/
XForce ISS Database: win-ms04031-patch(17657)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17657
XForce ISS Database: win-netdde-bo(16556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16556

Copyright This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.15456
Categoría:	Windows
Título:	Vulnerability in NetDDE Could Allow Code Execution (841533)
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of Windows is affected by a vulnerability in Network Dynamic Data Exchange (NetDDE). To exploit this flaw, NetDDE would have to be running and an attacker with a specific knowledge of the vulnerability would need to send a malformed NetDDE message to the remote host to overrun a given buffer. Solution : http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 11372 Common Vulnerability Exposure (CVE) ID: CVE-2004-0206 http://www.securityfocus.com/bid/11372 Bugtraq: 20041013 Microsoft Windows NetDDE Service Buffer Overflow (Google Search) http://marc.info/?l=bugtraq&m=109786703930674&w=2 CERT/CC vulnerability note: VU#640488 http://www.kb.cert.org/vuls/id/640488 Microsoft Security Bulletin: MS04-031 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1852 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2394 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3242 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4592 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6788 http://secunia.com/advisories/12803/ XForce ISS Database: win-ms04031-patch(17657) https://exchange.xforce.ibmcloud.com/vulnerabilities/17657 XForce ISS Database: win-netdde-bo(16556) https://exchange.xforce.ibmcloud.com/vulnerabilities/16556
Copyright	This script is Copyright (C) 2004 Tenable Network Security