What is the severity of CVE-2004-0567?

CVE-2004-0567 is considered critical as it allows remote attackers to execute arbitrary code.

How do I fix CVE-2004-0567?

To mitigate CVE-2004-0567, apply the latest service pack or security update provided by Microsoft for the affected versions.

What systems are vulnerable to CVE-2004-0567?

CVE-2004-0567 affects Windows NT Server 4.0 SP6, Windows 2000 Server SP3 and SP4, and Windows Server 2003.

What could happen if CVE-2004-0567 is exploited?

Exploitation of CVE-2004-0567 could lead to remote code execution and potentially full system compromise.

Is there a workaround for CVE-2004-0567?

Disabling the Windows Internet Naming Service (WINS) on affected systems can serve as a temporary workaround for CVE-2004-0567.

Vulnerability/
CVE-2004-0567

high

7.5

CWE

NVD-CWE-Other 119

31/12/2004

8/8/2024

CVE-2004-0567: Buffer Overflow

First published: Fri Dec 31 2004(Updated: )

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2003	=64-bit
Microsoft Windows NT	=4.0-sp6
Microsoft Windows 2000	=sp4
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows Server 2003	=r2
Microsoft Windows 2000	=sp3

Remedy

http://www.ciac.org/ciac/bulletins/p-054.shtml

Remedy

http://www.kb.cert.org/vuls/id/378160

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0567?
CVE-2004-0567 is considered critical as it allows remote attackers to execute arbitrary code.
How do I fix CVE-2004-0567?
To mitigate CVE-2004-0567, apply the latest service pack or security update provided by Microsoft for the affected versions.
What systems are vulnerable to CVE-2004-0567?
CVE-2004-0567 affects Windows NT Server 4.0 SP6, Windows 2000 Server SP3 and SP4, and Windows Server 2003.
What could happen if CVE-2004-0567 is exploited?
Exploitation of CVE-2004-0567 could lead to remote code execution and potentially full system compromise.
Is there a workaround for CVE-2004-0567?
Disabling the Windows Internet Naming Service (WINS) on affected systems can serve as a temporary workaround for CVE-2004-0567.

agent/references
agent/type
agent/remedy
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/description
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft windows server 2003
version/microsoft windows server 2003/64-bit
canonical/microsoft windows nt
version/microsoft windows nt/4.0-sp6
canonical/microsoft windows 2000
version/microsoft windows 2000/sp4
version/microsoft windows nt/4.0-sp6a
version/microsoft windows server 2003/r2
version/microsoft windows 2000/sp3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.