CVE-2004-0567 - Uncrowned Other

Description

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a NT Terminal Server 4.0 SP 6 Windows 2000 Server SP3 and SP4 and Windows Server 2003 does not properly validate the computer name value in a WINS packet which allows remote attackers to execute arbitrary code or cause a denial of service (server crash) which results in an \unchecked buffer\ and possibly triggers a buffer overflow aka the \Name Validation Vulnerability.\

Reference

http://www.kb.cert.org/vuls/id/378160 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.securityfocus.com/bid/11922 http://www.osvdb.org/12370 http://securitytracker.com/id?1012517 http://secunia.com/advisories/13466 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045