7.5 - MS04-031

Executive Summary

Informations
Name	MS04-031	First vendor Publication	N/A
Vendor	Microsoft	Last vendor Modification	N/A
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1852

Oval ID:	oval:org.mitre.oval:def:1852
Title:	Windows NT Terminal Server Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	3
Platform(s):	Microsoft Windows NT	Product(s):	NetDDE
Definition Synopsis:
Windows NT Server 4.0, Terminal Server Edition is installed Microsoft Windows NT is installed AND this is an NT Terminal Server AND the version of nddenb32.dll is less than 4.0.1381.33565 AND the version of netdde.exe is less than 4.0.1381.33574 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:2394

Oval ID:	oval:org.mitre.oval:def:2394
Title:	Windows NT Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	4
Platform(s):	Microsoft Windows NT	Product(s):	NetDDE
Definition Synopsis:
Windows NT Server 4.0 is installed Microsoft Windows NT is installed AND Windows NT server product option this is an NT Server (stand-alone) AND this is an NT Server (domain controller) AND the version of nddenb32.dll is less than 4.0.1381.7268 AND the version of netdde.exe is less than 4.0.1381.7280 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:3120

Oval ID:	oval:org.mitre.oval:def:3120
Title:	Windows 2000 Unchecked Buffer in NetDDE (Test 1)
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	8
Platform(s):	Microsoft Windows 2000	Product(s):	NetDDE
Definition Synopsis:
Windows 2000 (sp5 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of netdde.exe is less than 5.0.2195.6952 AND the version of nddenb32.dll is less than 5.0.2195.6922 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:3242

Oval ID:	oval:org.mitre.oval:def:3242
Title:	Windows XP (64-Bit) Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	8
Platform(s):	Microsoft Windows XP	Product(s):	NetDDE
Definition Synopsis:
Windows XP is installed AND 64-Bit version of Windows is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND a vulnerable version of netdde.exe exists the version of netdde.exe is less than 5.1.2600.1567 AND the 64-bit WOW version of netdde.exe is less than 5.1.2600.1567 AND a vulnerable version of nddenb32.dll exists the version of nddenb32.dll is less than 5.1.2600.1555 AND the 64-bit WOW version of nddenb32.dll is less than 5.1.2600.1555 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:4592

Oval ID:	oval:org.mitre.oval:def:4592
Title:	Windows Server 2003 (32-Bit) Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	2
Platform(s):	Microsoft Windows Server 2003	Product(s):	NetDDE
Definition Synopsis:
Windows Server 2003 is installed AND 32-Bit version of Windows is installed AND the version of nddenb32.dll is less than 5.2.3790.173 AND the version of netdde.exe is less than 5.2.3790.184 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:5074

Oval ID:	oval:org.mitre.oval:def:5074
Title:	Windows XP (32-Bit) Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	7
Platform(s):	Microsoft Windows XP	Product(s):	NetDDE
Definition Synopsis:
Windows XP is installed AND 32-Bit version of Windows is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND a vulnerable version of nddenb32.dll exists no service pack is installed and a vulnerable version of nddenb32.dll exists NOT Win2K/XP/2003 is patched AND the version of nddenb32.dll is less than 5.1.2600.149 OR Service Pack 1 is installed and a vulnerable version of nddenb32.dll exists Win2K/XP/2003 service pack 1 is installed AND the version of nddenb32.dll is less than 5.1.2600.1555 AND a vulnerable version of netdde.exe exists no service pack is installed and a vulnerable version of netdde.exe exists NOT Win2K/XP/2003 is patched AND the version of netdde.exe is less than 5.1.2600.158 OR Service Pack 1 is installed and a vulnerable version of netdde.exe exists Win2K/XP/2003 service pack 1 is installed AND the version of netdde.exe is less than 5.1.2600.1567 AND NOT the patch KB841533 is installed

Definition Id: oval:org.mitre.oval:def:6788

Oval ID:	oval:org.mitre.oval:def:6788
Title:	Windows Server 2003 (64-Bit) Unchecked Buffer in NetDDE
Description:	Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0206	Version:	3
Platform(s):	Microsoft Windows Server 2003	Product(s):	NetDDE
Definition Synopsis:
Windows Server 2003 is installed AND 64-Bit version of Windows is installed AND a vulnerable version of netdde.exe exists the version of netdde.exe is less than 5.2.3790.184 AND the 64-bit WOW version of netdde.exe is less than 5.2.3790.193 AND a vulnerable version of nddenb32.dll exists the version of nddenb32.dll is less than 5.2.3790.173 AND the 64-bit WOW version of nddenb32.dll is less than 5.2.3790.193 AND NOT the patch KB841533 is installed

CPE : Common Platform Enumeration

Type	Description	Count
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::::::::	1
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*	1
Os	Microsoft Windows 98 cpe:2.3:o:microsoft:windows_98::gold::::::*	1
Os	Microsoft Windows Nt cpe:2.3:o:microsoft:windows_nt:4.0:::::::*	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::gold::::::*	1

SAINT Exploits

Description	Link
Windows NetDDE buffer overflow	More info here

ExploitDB Exploits

id	Description
2010-07-03	Microsoft NetDDE Service Overflow
2004-12-31	MS Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)

Open Source Vulnerability Database (OSVDB)

Id	Description
10689	Microsoft Windows NetDDE Remote Overflow A remote overflow exists in Windows. The NetDDE service fails to validate input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-01-10	SMB nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 2971 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt RuleID : 2970 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt RuleID : 2969 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt RuleID : 2968 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt RuleID : 2967 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 2966 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt RuleID : 2965 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt RuleID : 2964 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt RuleID : 2949 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW little endian overflow attempt RuleID : 2948 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt RuleID : 2947 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 2946 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt RuleID : 2939 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt RuleID : 2938 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt RuleID : 2937 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 2936-community - Revision : 18 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 2936 - Revision : 18 - Type : OS-WINDOWS
2014-01-10	Datagram Service NetDDE attack RuleID : 11946 - Revision : 3 - Type : NETBIOS
2014-01-10	Session Service NetDDE attack RuleID : 11816 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode little endian andx object call overf... RuleID : 11815 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW little endian andx object call overflow a... RuleID : 11814 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx object ... RuleID : 11813 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx object call ov... RuleID : 11812 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overfl... RuleID : 11811 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt RuleID : 11810 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt RuleID : 11809 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW andx object call overflow attempt RuleID : 11808 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overflow ... RuleID : 11807 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt RuleID : 11806 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx obje... RuleID : 11805 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt RuleID : 11804 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW little endian andx object call overflow attempt RuleID : 11803 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call ove... RuleID : 11802 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW andx object call overflow attempt RuleID : 11801 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call ... RuleID : 11800 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt RuleID : 11799 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW little endian andx overflow attempt RuleID : 11798 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflo... RuleID : 11797 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt RuleID : 11796 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt RuleID : 11795 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode andx overflow attempt RuleID : 11794 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt RuleID : 11793 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW andx overflow attempt RuleID : 11792 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt RuleID : 11791 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt RuleID : 11790 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode andx overflow attempt RuleID : 11789 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx over... RuleID : 11788 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt RuleID : 11787 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt RuleID : 11786 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt RuleID : 11785 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx over... RuleID : 11784 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW little endian andx overflow attempt RuleID : 11783 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow ... RuleID : 11782 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt RuleID : 11781 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt RuleID : 11780 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt RuleID : 11779 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW andx overflow attempt RuleID : 11778 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt RuleID : 11777 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW andx overflow attempt RuleID : 11776 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt RuleID : 11775 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW andx overflow attempt RuleID : 11774 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt RuleID : 11773 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow att... RuleID : 11772 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt RuleID : 11771 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow at... RuleID : 11770 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow att... RuleID : 11769 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx o... RuleID : 11768 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode little endian object call overflow a... RuleID : 11767 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW little endian object call overflow attempt RuleID : 11766 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object call ... RuleID : 11765 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian object call overflo... RuleID : 11764 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow at... RuleID : 11763 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode object call overflow attempt RuleID : 11762 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt RuleID : 11761 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW object call overflow attempt RuleID : 11760 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow attempt RuleID : 11759 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode object call overflow attempt RuleID : 11758 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object ca... RuleID : 11757 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt RuleID : 11756 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW little endian object call overflow attempt RuleID : 11755 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overflow... RuleID : 11754 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW object call overflow attempt RuleID : 11753 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overf... RuleID : 11752 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt RuleID : 11751 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW little endian overflow attempt RuleID : 11750 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow att... RuleID : 11749 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt RuleID : 11748 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt RuleID : 11747 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW unicode overflow attempt RuleID : 11746 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt RuleID : 11745 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW overflow attempt RuleID : 11744 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt RuleID : 11743 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt RuleID : 11742 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW unicode overflow attempt RuleID : 11741 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow ... RuleID : 11740 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt RuleID : 11739 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt RuleID : 11738 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt RuleID : 11737 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow ... RuleID : 11736 - Revision : 4 - Type : NETBIOS

Metasploit Database

id	Description
2004-10-12	MS04-031 Microsoft NetDDE Service Overflow

Nessus® Vulnerability Scanner

Date	Description
2004-10-27	Name : Arbitrary code can be executed on the remote host. File : netdde.nasl - Type : ACT_GATHER_INFO
2004-10-12	Name : Arbitrary code can be executed on the remote host through the NetDDE service. File : smb_nt_ms04-031.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2020-05-23 13:17:12	Multiple Updates
2014-02-17 11:45:03	Multiple Updates
2014-01-19 21:29:52	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	7
CPE ID(s)	5
Saint Exploit(s)	1
osvdb(s)	1
ExploitDB Exploit(s)	2
Metasploit Exploit(s)	1
Snort® Rule(s)	99
Nessus® Exploit(s)	2

	Related
9	VU#138633
7.5	CVE-2004-0206
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

7.5 - MS04-031

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

OVAL Definitions

CPE : Common Platform Enumeration

SAINT Exploits

ExploitDB Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Metasploit Database

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU