Vulnerabilities > CVE-2004-0569 - Unspecified vulnerability in Microsoft Windows NT 4.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS04-029.NASL |
description | The remote Windows operating system contains a bug in RPC Runtime Library. RPC is a protocol used by Windows to provide an inter-process communication mechanism that allows a program running on one system to access services on another one. A bug affecting the implementation of this protocol could allow an attacker to cause it to crash, thus resulting in a crash of the whole operating system, or to disclose random parts of the memory of the remote host. An attacker could exploit this flaw to obtain sensitive information about the remote host, by forcing it to disclose portions of memory containing passwords, or to cause it to crash repeatedly, thus causing a denial of service for legitimate users. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15467 |
published | 2004-10-13 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15467 |
title | MS04-029: Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) |
code |
|
Oval
accepted 2008-03-24T04:00:26.132-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Jonathan Baker organization The MITRE Corporation
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. family windows id oval:org.mitre.oval:def:2505 status accepted submitted 2004-10-18T11:46:00.000-04:00 title RPC Runtime Library Denial of Service and Information Disclosure Vulnerability (NT 4.0) version 73 accepted 2008-03-24T04:00:41.688-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Matthew Burton organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Jonathan Baker organization The MITRE Corporation
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. family windows id oval:org.mitre.oval:def:5277 status accepted submitted 2004-10-18T11:46:00.000-04:00 title RPC Runtime Library Denial of Service and Information Disclosure Vulnerability (NT 4.0 Terminal Server Edition) version 74
References
- http://marc.info/?l=bugtraq&m=109769394209518&w=2
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-029
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17646
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17663
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2505
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5277