1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Microsoft Windows NetBIOS Random Memory Content Disclosure

Report ID: SA9665
Source: Secunia
Date of Discovery: 03.09.2003
Criticality: Urgent
Affects:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Compromise From: From local network
Compromise Type: Exposure of sensitive information

Summary

A vulnerability has been discovered in all supported Windows versions except Windows ME, which can be exploited by malicious people to disclose potentially sensitive information.

Detailed Description

A vulnerability has been discovered in all supported Windows versions except Windows ME, which can be exploited by malicious people to disclose potentially sensitive information.

The problem is that the NetBIOS Name Service (port 137/udp) padds datagrams with random memory content when replying to Name Service queries. This can be exploited by sending Name Service queries to a system and then examining the responses.

Successful exploitation allows disclosure of arbitrary memory content, which potentially may reveal sensitive information.

Solution

Apply patches automatically via WindowsUpdate or manually.

Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A59CC2AC-F182-4CD5-ACE7-3D4C2E3F1326&displaylang=en

Windows Server 2003 64 bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=140CF7BE-0371-4D17-8F4C-951B76AC3024&displaylang=en

Windows XP:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1C9D8E86-5B8C-401A-88B2-4443FFB9EDC3&displaylang=en

Windows XP 64 bit Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=378D4B58-BF2C-4406-9D88-E6A3C4601795&displaylang=en

Windows 2000 (requires SP3/SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=D0564162-4EAE-42C8-B26C-E4D4D496EAD8&displaylang=en

Windows NT 4 Server (requires SP6a):
http://www.microsoft.com/downloads/details.aspx?FamilyId=F131D63A-F74F-4CAF-95BD-D7FA37ADCF38&displaylang=en

Windows NT 4 Terminal Server Edition (requires SP6):
http://www.microsoft.com/downloads/details.aspx?FamilyId=22379951-64A9-446B-AC8F-3F2F080383A9&displaylang=en

CVE Reference

CVE-2003-0661