Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Windows : Microsoft Bulletins >> NetBIOS Name Server Protocol Spoofing patch

Vulnerability Assessment Details

NetBIOS Name Server Protocol Spoofing patch

Vulnerability Assessment Summary
Acertains whether the hotfix Q269239 is installed

Detailed Explanation for this Vulnerability Assessment

Summary :

It is possible to spoof the netbios name.

Description :

The hotfix for the 'NetBIOS Name Server Protocol Spoofing'
problem has not been applied.

This vulnerability permits a malicious user to make this
host think that its name has already been taken on the
network, thus preventing it to function properly as
a SMB server (or client).

Solution :

http://www.microsoft.com/technet/security/bulletin/ms00-047.mspx

See also :

http://support.microsoft.com/support/kb/articles/q299/4/44.asp

Network Security Threat Level:

Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)

Networks Security ID: 1514, 1515

Vulnerability Assessment Copyright: This script is Copyright (C) 2000 Renaud Deraison

Cables, Connectors