Detections
Analytics

MS00-091: Incomplete TCP/IP Packet Vulnerability (199346)

medium Nessus Plugin ID 10563

Synopsis

The remote host is vulnerable to a denial of service attack.

Description

The hotfix for the 'incomplete TCP/IP packet' problem has not been applied.

This vulnerability allows a user to prevent this host from communicating with the network.

Solution

Apply the appropriate patches from MS00-091 or apply the latest Windows service pack.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-091

Plugin Details

Severity: Medium

ID: 10563

File Name: smb_nt_ms00-091.nasl

Version: 1.46

Type: local

Agent: windows

Published: 12/1/2000

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 11/30/2000

Vulnerability Publication Date: 11/30/2000

Reference Information

CVE: CVE-2000-1039

BID: 2022

MSFT: MS00-091

MSKB: 275567