OVAL Repository - View Definition: oval:org.mitre.oval:def:5021

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:5021		Version: 3 Last Modified: 2007-10-25
Title:	Vulnerability in NNTP Could Allow Remote Code Execution
Description:	The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0574
Platform(s):	Microsoft Windows Server 2003	Product(s):	Network News Transport Protocol (NNTP)
Definition Synopsis:
Software section Windows Server 2003 is installed AND 64-Bit version of Windows is installed AND the version of nntpsvc.dll is less than 6.0.3790.206 AND NOT the patch WindowsServer2003-KB883935-ia64-enu.exe is installed AND Configuration section the NNTP service is enabled

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest