Vulnerabilities > CVE-2005-0066 - Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP
Summary
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
Nessus
NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL23440942.NASL description The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790(9.x - 10.x). Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the last seen 2020-06-01 modified 2020-06-02 plugin id 100000 published 2017-05-08 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100000 title F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from F5 Networks BIG-IP Solution K23440942. # # The text description of this plugin is (C) F5 Networks. # include("compat.inc"); if (description) { script_id(100000); script_version("3.6"); script_cvs_date("Date: 2019/05/09 9:52:02"); script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060", "CVE-2005-0065", "CVE-2005-0066", "CVE-2005-0067", "CVE-2005-0068"); script_bugtraq_id(13124); script_name(english:"F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)"); script_summary(english:"Checks the BIG-IP version."); script_set_attribute( attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790(9.x - 10.x). Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the 'blind connection-reset attack.' NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. (CVE-2004-0790) Impact A remote attacker can interfere with the Path MTU Discovery process and cause a performance degradation or reset of FastL4 accelerated TCP connections by spoofing a specifically craftedInternet Control Message Protocol (ICMP) message. This vulnerability only applies to FastL4 virtual servers on BIG-IP platforms with the embedded Packet Velocity Acceleration (ePVA) chip.The ePVA chip is a hardware acceleration Field Programmable Gate Array (FPGA) that delivers high-performance Layer 4 (L4) IPv4 throughput. ePVA chips are included on the following BIG-IP platforms : B2100 Blade in the VIPRION C2400 or C2200 Chassis B2150 Blade in the VIPRION C2400 or C2200 Chassis B2250 Blade in the VIPRION C2400 or C2200 Chassis B4300 Blade in the VIPRION C4480 or C4800 Chassis B4340 Blade in the VIPRION C4480 or C4800 Chassis BIG-IP 12000 series BIG-IP 10000 series BIG-IP 7000 series BIG-IP 5000 series BIG-IP i5000 series BIG-IP i7000 series BIG-IP i10000 series" ); script_set_attribute( attribute:"see_also", value:"https://support.f5.com/csp/article/K23440942" ); script_set_attribute( attribute:"see_also", value:"https://support.f5.com/csp/article/K4583" ); script_set_attribute( attribute:"solution", value: "Upgrade to one of the non-vulnerable versions listed in the F5 Solution K23440942." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/04/12"); script_set_attribute(attribute:"patch_publication_date", value:"2017/05/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"F5 Networks Local Security Checks"); script_dependencies("f5_bigip_detect.nbin"); script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport"); exit(0); } include("f5_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); version = get_kb_item("Host/BIG-IP/version"); if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP"); if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix"); if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules"); sol = "K23440942"; vmatrix = make_array(); if (report_paranoia < 2) audit(AUDIT_PARANOID); # AFM vmatrix["AFM"] = make_array(); vmatrix["AFM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["AFM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # AM vmatrix["AM"] = make_array(); vmatrix["AM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["AM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # APM vmatrix["APM"] = make_array(); vmatrix["APM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["APM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # ASM vmatrix["ASM"] = make_array(); vmatrix["ASM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["ASM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # AVR vmatrix["AVR"] = make_array(); vmatrix["AVR"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["AVR"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # LC vmatrix["LC"] = make_array(); vmatrix["LC"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["LC"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # LTM vmatrix["LTM"] = make_array(); vmatrix["LTM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["LTM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); # PEM vmatrix["PEM"] = make_array(); vmatrix["PEM"]["affected" ] = make_list("13.0.0","12.0.0-12.1.2"); vmatrix["PEM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1"); if (bigip_is_affected(vmatrix:vmatrix, sol:sol)) { if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get()); else security_hole(0); exit(0); } else { tested = bigip_get_tested_modules(); audit_extra = "For BIG-IP module(s) " + tested + ","; if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version); else audit(AUDIT_HOST_NOT, "running any of the affected modules"); }
NASL family CISCO NASL id CISCO-SA-20050412-ICMP.NASL description A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled last seen 2020-06-01 modified 2020-06-02 plugin id 48985 published 2010-09-01 reporter This script is (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48985 title Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems code # # (C) Tenable Network Security, Inc. # # Security advisory is (C) CISCO, Inc. # See https://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(48985); script_version("1.16"); script_cve_id( "CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060", "CVE-2005-0065", "CVE-2005-0066", "CVE-2005-0067", "CVE-2005-0068" ); script_bugtraq_id(13124); script_xref(name:"CERT", value:"222750"); script_xref(name:"CISCO-BUG-ID", value:"CSCed78149"); script_xref(name:"CISCO-BUG-ID", value:"CSCef43691"); script_xref(name:"CISCO-BUG-ID", value:"CSCef44699"); script_xref(name:"CISCO-BUG-ID", value:"CSCef45332"); script_xref(name:"CISCO-BUG-ID", value:"CSCef46728"); script_xref(name:"CISCO-BUG-ID", value:"CSCef54204"); script_xref(name:"CISCO-BUG-ID", value:"CSCef54206"); script_xref(name:"CISCO-BUG-ID", value:"CSCef54947"); script_xref(name:"CISCO-BUG-ID", value:"CSCef57566"); script_xref(name:"CISCO-BUG-ID", value:"CSCef60659"); script_xref(name:"CISCO-BUG-ID", value:"CSCef61610"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh04183"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh20083"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh45454"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh59823"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh62307"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh63449"); script_xref(name:"CISCO-BUG-ID", value:"CSCeh65337"); script_xref(name:"CISCO-BUG-ID", value:"CSCsa52807"); script_xref(name:"CISCO-BUG-ID", value:"CSCsa59600"); script_xref(name:"CISCO-BUG-ID", value:"CSCsa60692"); script_xref(name:"CISCO-BUG-ID", value:"CSCsa61864"); script_xref(name:"CISCO-SA", value:"cisco-sa-20050412-icmp"); script_name(english:"Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems"); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch" ); script_set_attribute(attribute:"description", value: 'A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt ). These attacks, which only affect sessions terminating or originating on a device itself, can be of three types: Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft. Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability. '); script_set_attribute(attribute:"see_also", value: "https://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html"); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20050412-icmp script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?1ba12045"); # https://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?8b803ffb"); script_set_attribute(attribute:"solution", value: "Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20050412-icmp." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value: "local"); script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/04/12"); script_set_attribute(attribute:"patch_publication_date", value: "2005/04/12"); script_set_attribute(attribute:"plugin_publication_date", value: "2010/09/01"); script_cvs_date("Date: 2018/11/15 20:50:20"); script_end_attributes(); script_summary(english:"Uses SNMP to determine if a flaw is present"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencie("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version"); exit(0); } include("cisco_func.inc"); # version = get_kb_item_or_exit("Host/Cisco/IOS/Version"); # Affected: 12.0 if (check_release(version: version, patched: make_list("12.0(28c)") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.0DA")) { security_warning(port:0, extra: '\nUpdate to 12.2(12)DA8 or later\n'); exit(0); } if (deprecated_version(version, "12.0DB")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.0DC")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } # Affected: 12.0S if (check_release(version: version, patched: make_list("12.0(27)S5", "12.0(28)S3", "12.0(30)S1", "12.0(31)S"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.0SC")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } if (deprecated_version(version, "12.0SL")) { security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0); } if (deprecated_version(version, "12.0SP")) { security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0); } if (deprecated_version(version, "12.0ST")) { security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0); } if (deprecated_version(version, "12.0SX")) { security_warning(port:0, extra: '\nNo fixes are planned for 12.0SX releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.0SZ")) { security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0); } if (deprecated_version(version, "12.0T")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } # Affected: 12.0W5 if ("W5" >< version && check_release(version: version, patched: make_list("12.0(25)W5(27c)", "12.0(28)W5(31a)") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.0WC if (check_release(version: version, patched: make_list("12.0(5)WC12") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.0XA")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XB")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XC")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XD")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XE")) { security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0); } if (deprecated_version(version, "12.0XF")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XG")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XH")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XI")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XJ")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XK")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.0XL")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.0XM")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XN")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XQ")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } if (deprecated_version(version, "12.0XR")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.0XS")) { security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0); } if (deprecated_version(version, "12.0XV")) { security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0); } # Affected: 12.1 if (check_release(version: version, patched: make_list("12.1(27)"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.1AA")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1AX")) { security_warning(port:0, extra: '\nUpdate to 12.2(25)EY or later\n'); exit(0); } if (deprecated_version(version, "12.1AZ")) { security_warning(port:0, extra: '\nUpdate to 12.1(22)EA4 or later\n'); exit(0); } if (deprecated_version(version, "12.1DA")) { security_warning(port:0, extra: '\nUpdate to 12.2(12)DA8 or later\n'); exit(0); } if (deprecated_version(version, "12.1DB")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.1DC")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } # Affected: 12.1E if (check_release(version: version, patched: make_list("12.1(22)E6", "12.1(23)E3", "12.1(26)E1") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.1EA if (check_release(version: version, patched: make_list("12.1(22)EA4") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.1EB")) { security_warning(port:0, extra: '\nNo fixes are available for 12.1EB releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.1EC")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } # Affected: 12.1EO if (check_release(version: version, patched: make_list("12.1(19)EO4") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.1EU")) { security_warning(port:0, extra: '\nUpdate to 12.2(20)EU or later\n'); exit(0); } if (deprecated_version(version, "12.1EV")) { security_warning(port:0, extra: '\nNo fixes are available for 12.1EV releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.1EW")) { security_warning(port:0, extra: '\nUpdate to 12.2(18)EW3 or later\n'); exit(0); } if (deprecated_version(version, "12.1EX")) { security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0); } if (deprecated_version(version, "12.1EY")) { security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0); } if (deprecated_version(version, "12.1T")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XA")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XB")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XC")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XD")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XE")) { security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0); } if (deprecated_version(version, "12.1XF")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XG")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XH")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XI")) { security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0); } if (deprecated_version(version, "12.1XJ")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XL")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XM")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XP")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XQ")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XR")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XT")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XU")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1XV")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YA")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YB")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YC")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YD")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YE")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YF")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YH")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YI")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.1YJ")) { security_warning(port:0, extra: '\nUpdate to 12.1(22)EA4 or later\n'); exit(0); } # Affected: 12.2 if (check_release(version: version, patched: make_list("12.2(28)"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2B")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.2BC if (check_release(version: version, patched: make_list("12.2(15)BC2f") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2BW")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2BY")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2BZ")) { security_warning(port:0, extra: '\nUpdate to 12.3(7)XI5 or later\n'); exit(0); } # Affected: 12.2CX if (deprecated_version(version, "12.2CX")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } # Affected: 12.2CY if (deprecated_version(version, "12.2CY")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } if (deprecated_version(version, "12.2CZ")) { security_warning(port:0, extra: '\nNo fix is planned for 12.2CZ releases. Upgrade to a supported release\n'); exit(0); } # Affected: 12.2DA if (check_release(version: version, patched: make_list("12.2(12)DA8") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2DD")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2DX")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.2EU if (check_release(version: version, patched: make_list("12.2(20)EU"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.2EW if (check_release(version: version, patched: make_list("12.2(18)EW3") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.2EWA if (check_release(version: version, patched: make_list("12.2(25)EWA") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2EX")) { security_warning(port:0, extra: '\nUpdate to 12.2(25)SEB or later\n'); exit(0); } # Affected: 12.2EY if (check_release(version: version, patched: make_list("12.2(25)EY") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2JA")) { security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0); } if (deprecated_version(version, "12.2JK")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2JK releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.2MB")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2MB releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.2MC")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.2S if (check_release(version: version, patched: make_list("12.2(14)S13", "12.2(18)S8", "12.2(20)S7", "12.2(25)S3") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.2SE if (check_release(version: version, patched: make_list("12.2(25)SEB"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.2SO if (check_release(version: version, patched: make_list("12.2(18)SO1") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2SU")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2SU releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.2SV")) { security_warning(port:0, extra: '\nUpdate to 12.2(25)S3 or later\n'); exit(0); } if (deprecated_version(version, "12.2SW")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2SU releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.2SX")) { security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0); } # Affected: 12.2SXA and 12.2SXB if (("SXA" >< version || "SXB" >< version) && check_release(version: version, patched: make_list("12.2(17d)SXB7") )) { security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0); } # Affected: 12.2SXD if ("SXD" >< version && check_release(version: version, patched: make_list("12.2(18)SXD4") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2SY")) { security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0); } if (deprecated_version(version, "12.2SZ")) { security_warning(port:0, extra: '\nUpdate to 12.2(20)S7 or later\n'); exit(0); } # Affected: 12.2T if (check_release(version: version, patched: make_list("12.2(15)T15") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2XA")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XB")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XC")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2XD")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XE")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XF")) { security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0); } if (deprecated_version(version, "12.2XG")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XH")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XI")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XJ")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XK")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XL")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XM")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XN")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XQ")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XR")) { security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0); } if (deprecated_version(version, "12.2XT")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XU")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2XW")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } # Affected: 12.2YA if (check_release(version: version, patched: make_list("12.2(4)YA9") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2YB")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YC")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YD")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YE")) { security_warning(port:0, extra: '\nUpdate to 12.2(25)S3 or later\n'); exit(0); } if (deprecated_version(version, "12.2YF")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YG")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YH")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YJ")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YK")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YL")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YM")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YN")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YO")) { security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0); } if (deprecated_version(version, "12.2YQ")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YR")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YT")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2YU")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YV")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YW")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YX")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2YX releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.2YY")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2YZ")) { security_warning(port:0, extra: '\nUpdate to 12.2(20)S7 or later\n'); exit(0); } if (deprecated_version(version, "12.2ZA")) { security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0); } if (deprecated_version(version, "12.2ZB")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZC")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZD")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZE")) { security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0); } if (deprecated_version(version, "12.2ZF")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZG")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.2ZH if (check_release(version: version, patched: make_list("12.2(13)ZH6") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2ZJ")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZK")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.2ZL if (check_release(version: version, patched: make_list("12.2(15)ZL2") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.2ZN")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.2ZP")) { security_warning(port:0, extra: '\nNo fixes are available for 12.2ZP releases. Upgrade to a supported release\n'); exit(0); } # Affected: 12.3 if (check_release(version: version, patched: make_list("12.3(3h)", "12.3(5e)", "12.3(6e)", "12.3(9d)", "12.3(10c)", "12.3(12b)", "12.3(13a)", "12.3(13)"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3B")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.3BC if (check_release(version: version, patched: make_list("12.3(9a)BC2") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3BW")) { security_warning(port:0, extra: '\nUpdate to 12.3(7)T8 or later\n'); exit(0); } # Affected: 12.3JA if (check_release(version: version, patched: make_list("12.3(4)JA"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.3T if (check_release(version: version, patched: make_list("12.3(7)T8", "12.3(8)T7", "12.3(11)T4", "12.3(14)T"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3XA")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XB")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.3XC if (check_release(version: version, patched: make_list("12.3(2)XC3") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3XD")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XE")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XF")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XG")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3XG releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.3XH")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.3XI if (check_release(version: version, patched: make_list("12.3(7)XI3") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3XJ")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3XJ releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.3XK")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XL")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XM")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XQ")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XR")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XS")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } if (deprecated_version(version, "12.3XT")) { security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0); } if (deprecated_version(version, "12.3XU")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3XU releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.3XW")) { security_warning(port:0, extra: '\nUpdate to 12.3(11)YF2 or later\n'); exit(0); } if (deprecated_version(version, "12.3XX")) { security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0); } # Affected: 12.3XY if (check_release(version: version, patched: make_list("12.3(8)XY4") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3YA")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3YA releases. Upgrade to a supported release\n'); exit(0); } if (deprecated_version(version, "12.3YD")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3YD releases. Upgrade to a supported release\n'); exit(0); } # Affected: 12.3YF if (check_release(version: version, patched: make_list("12.3(11)YF2") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.3YG if (check_release(version: version, patched: make_list("12.3(8)YG1") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3YH")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3YH releases. Upgrade to a supported release\n'); exit(0); } # Affected: 12.3YI if (check_release(version: version, patched: make_list("12.3(8)YI"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } if (deprecated_version(version, "12.3YJ")) { security_warning(port:0, extra: '\nNo fixes are available for 12.3YJ releases. Upgrade to a supported release\n'); exit(0); } # Affected: 12.3YK if (check_release(version: version, patched: make_list("12.3(11)YK"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: TCPv6 if (check_release(version: version, patched: make_list("12.3(11)YK") )) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.3YN if (check_release(version: version, patched: make_list("12.3(11)YN"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } # Affected: 12.3YQ if (check_release(version: version, patched: make_list("12.3(14)YQ"))) { security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0); } exit(0, "The remote host is not affected");
NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS05-019.NASL description The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw could allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host, or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a Denial of Service against a vulnerable system. last seen 2020-06-01 modified 2020-06-02 plugin id 18023 published 2005-04-12 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18023 title MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(18023); script_version("1.43"); script_cvs_date("Date: 2018/11/15 20:50:29"); script_cve_id( "CVE-2004-0230", "CVE-2004-0790", "CVE-2004-1060", "CVE-2005-0048", "CVE-2005-0065", "CVE-2005-0066", "CVE-2005-0067", "CVE-2005-0068", "CVE-2005-0688" ); script_bugtraq_id(13116, 13124, 13658); script_xref(name:"MSFT", value:"MS05-019"); script_xref(name:"CERT", value:"222750"); script_xref(name:"CERT", value:"233754"); script_xref(name:"CERT", value:"396645"); script_xref(name:"CERT", value:"415294"); script_xref(name:"EDB-ID", value:"276"); script_xref(name:"EDB-ID", value:"291"); script_xref(name:"EDB-ID", value:"861"); script_xref(name:"EDB-ID", value:"948"); script_xref(name:"EDB-ID", value:"24030"); script_xref(name:"EDB-ID", value:"24031"); script_xref(name:"EDB-ID", value:"24032"); script_xref(name:"EDB-ID", value:"24033"); script_xref(name:"EDB-ID", value:"25383"); script_xref(name:"EDB-ID", value:"25388"); script_xref(name:"EDB-ID", value:"25389"); script_xref(name:"MSKB", value:"893066"); script_name(english:"MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066)"); script_summary(english:"Checks the remote registry for 893066"); script_set_attribute(attribute:"synopsis", value: "Arbitrary code can be executed on the remote host due to a flaw in the TCP/IP stack."); script_set_attribute(attribute:"description", value: "The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw could allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host, or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a Denial of Service against a vulnerable system."); script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2005/ms05-019"); script_set_attribute(attribute:"solution", value: "Microsoft has released a set of patches for Windows 2000, XP and 2003."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/03/05"); script_set_attribute(attribute:"patch_publication_date", value:"2005/04/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/12"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"Windows : Microsoft Bulletins"); script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl"); script_require_keys("SMB/MS_Bulletin_Checks/Possible"); script_require_ports(139, 445, 'Host/patch_management_checks'); exit(0); } include("audit.inc"); include("smb_hotfixes_fcheck.inc"); include("smb_hotfixes.inc"); include("smb_func.inc"); include("misc_func.inc"); get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible"); bulletin = 'MS05-019'; kb = '893066'; kbs = make_list(kb); if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE); get_kb_item_or_exit("SMB/Registry/Enumerated"); get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1); if (hotfix_check_sp_range(win2k:'3,4', xp:'1,2', win2003:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN); rootfile = hotfix_get_systemroot(); if (!rootfile) exit(1, "Failed to get the system root."); share = hotfix_path2share(path:rootfile); if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share); if ( hotfix_is_vulnerable(os:"5.2", sp:0, file:"Tcpip.sys", version:"5.2.3790.336", dir:"\system32\drivers", bulletin:bulletin, kb:kb) || hotfix_is_vulnerable(os:"5.1", sp:1, file:"Tcpip.sys", version:"5.1.2600.1693", dir:"\system32\drivers", bulletin:bulletin, kb:kb) || hotfix_is_vulnerable(os:"5.1", sp:2, file:"Tcpip.sys", version:"5.1.2600.2685", dir:"\system32\drivers", bulletin:bulletin, kb:kb) || hotfix_is_vulnerable(os:"5.0", file:"Tcpip.sys", version:"5.0.2195.7049", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ) { set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE); hotfix_security_hole(); hotfix_check_fversion_end(); exit(0); } else { hotfix_check_fversion_end(); audit(AUDIT_HOST_NOT, 'affected'); }