Affected Software:
Microsoft Windows NT 4.0 Server, NT 4.0 - Terminal Server Edition, 2000, XP & 2003
A security issue has been identified in Microsoft Windows that could allow an attacker to see information in your computer’s memory over a network. This vulnerability involves 1 of the NetBIOS over TCP/IP (NetBT) services, the NetBIOS Name Server (NBNS). With this service, you can find a computer's IP address by using its NetBIOS name, & vice versa.
Under certain conditions, the response to a NetBT name service query may, in addition to the usual reply, contain random data from the destination computer's memory. This data may be a piece of HTML if the user on the destination computer is using an Internet browser, or it may contain other types of data that existed in memory at the time when the destination computer responded to a NetBT name service query. An attacker could seek to exploit this vulnerability by sending the destination computer a NetBT name service query & then looking carefully at the response to determine whether any random data from that computer's memory is included.
Patch Availbility
Flaw in NetBIOS Could Lead to Information Disclosure
09-03-2003
