oval:org.mitre.oval:def:5021

Definition Id: oval:org.mitre.oval:def:5021

Oval ID:	oval:org.mitre.oval:def:5021
Title:	Vulnerability in NNTP Could Allow Remote Code Execution
Description:	The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0574	Version:	3
Platform(s):	Microsoft Windows Server 2003	Product(s):	Network News Transport Protocol (NNTP)
Definition Synopsis:
Software section Windows Server 2003 is installed AND 64-Bit version of Windows is installed AND the version of nntpsvc.dll is less than 6.0.3790.206 AND NOT the patch WindowsServer2003-KB883935-ia64-enu.exe is installed AND Configuration section the NNTP service is enabled