| Patch Name : |
WindowsServer2003-KB899589-x86-ENU.exe |
| Patch Description : |
Security Update for Windows Server 2003 (KB899589) |
| Bulletin Id : |
MS05-046 |
| Bulletin Title : |
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) |
| KnowledgeBase : | 899589 |
| Severity : |
Important |
| Location Path : | WindowsServer2003-KB899589-x86-ENU.exe |
| Bulletin Summary: |
This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in the Client Service for NetWare (CSNW). By default, CSNW is not installed on any affected operating system version. Only customers who manually installed CSNW could be vulnerable to this issue. The vulnerability is documented in the ÂVulnerability Details section of this bulletin. This service is also called Gateway Service for NetWare on Windows 2000 Server.
An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
We recommend that customers apply the update at the earliest opportunity.
|
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Oct 11, 2005 |
| CVE Id : | CAN-2005-1985 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows Server 2003 for Small Business Server | Windows Server 2003 Gold |
| Windows Server 2003, Datacenter Edition | Windows Server 2003 Gold |
| Windows Server 2003, Enterprise Edition | Windows Server 2003 Gold |
| Windows Server 2003, Standard Edition | Windows Server 2003 Gold |
| Windows Server 2003, Web Edition | Windows Server 2003 Gold |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\Nwwks.dll | 5.2.3790.386 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP2\KB899589 | | -2 |
|
