oval:org.mitre.oval:def:298

Definition Id: oval:org.mitre.oval:def:298

Oval ID:	oval:org.mitre.oval:def:298
Title:	Windows 2000 SNMPv1 Trap Handling DoS and Privilege Escalation (Test 2)
Description:	Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2002-0013	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Simple Network Management Protocol (SNMP)
Definition Synopsis:
Software section Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 3 (or later) is installed AND the version of snmp.exe is less than 5.0.2195.4919 AND NOT Patch Q314147 Installed AND Configuration section the SNMP service is enabled