Microsoft has identified another security related issue within their Windows Operating Systems. Impact of vulnerability: Denial of Service, potentially run code of attacker?s choice.
Maximum Severity Rating: Moderate
Recommendation: Disable SNMP service if running; apply patch when available.
Affected Software: Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows NT 4.0 Microsoft Windows NT 4.0 Server, Terminal Server Edition Microsoft Windows 2000 Microsoft Windows XP Read more... Patch Availability: A patch is under development and will be available shortly. When this happens, we will re-release this bulletin with information on how to obtain and install the patch. Technical Details:Simple Network Management Protocol (SNMP) is an Internet standard protocol for managing disparate network devices such as firewalls, computers, and routers. All versions of Windows except Windows ME provide an SNMP implementation, which is neither installed nor running by default in any version. A buffer overrun is present in all implementations. By sending a specially malformed management request to a system running an affected version of the SNMP service, an attacker could cause a denial of service. In addition, it is possible that he cause code to run on the system in LocalSystem context. This could potentially give the attacker the ability to take any desired action on the system. Mitigating factors: The SNMP service is neither installed nor running by default in any version of Windows. Standard firewalling practices recommend blocking the port over which SNMP operates (UDP ports 161 and 162). If these recommendations have been followed, the vulnerability could only be exploited by an intranet user. Standard security recommendations recommend against using SNMP except on trusted networks, as the protocol, by design, provides minimal security. Severity Rating: Internet Servers Intranet Servers Client Systems Windows 95 None None Moderate Windows 98 None None Moderate Windows 98SE None None Moderate Windows ME None None None Windows NT 4.0 Low Moderate Moderate Windows NT 4.0 Terminal Server Edition Low Moderate None Windows 2000 Low Moderate Moderate Windows XP None None Moderate Source: Microsoft Technet
Maximum Severity Rating: Moderate
Recommendation: Disable SNMP service if running; apply patch when available.
Affected Software: Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows NT 4.0 Microsoft Windows NT 4.0 Server, Terminal Server Edition Microsoft Windows 2000 Microsoft Windows XP Read more... Patch Availability: A patch is under development and will be available shortly. When this happens, we will re-release this bulletin with information on how to obtain and install the patch. Technical Details:Simple Network Management Protocol (SNMP) is an Internet standard protocol for managing disparate network devices such as firewalls, computers, and routers. All versions of Windows except Windows ME provide an SNMP implementation, which is neither installed nor running by default in any version. A buffer overrun is present in all implementations. By sending a specially malformed management request to a system running an affected version of the SNMP service, an attacker could cause a denial of service. In addition, it is possible that he cause code to run on the system in LocalSystem context. This could potentially give the attacker the ability to take any desired action on the system. Mitigating factors: The SNMP service is neither installed nor running by default in any version of Windows. Standard firewalling practices recommend blocking the port over which SNMP operates (UDP ports 161 and 162). If these recommendations have been followed, the vulnerability could only be exploited by an intranet user. Standard security recommendations recommend against using SNMP except on trusted networks, as the protocol, by design, provides minimal security. Severity Rating: Internet Servers Intranet Servers Client Systems Windows 95 None None Moderate Windows 98 None None Moderate Windows 98SE None None Moderate Windows ME None None None Windows NT 4.0 Low Moderate Moderate Windows NT 4.0 Terminal Server Edition Low Moderate None Windows 2000 Low Moderate Moderate Windows XP None None Moderate Source: Microsoft Technet