MS.Windows.Session.Information.Disclosure
Description
This is an information disclosure vulnerability. An attacker who successfully exploited this vulnerability could remotely read the user names of users who have an open connection to a shared resource.
The process that is used by the affected software to validate authentication information when a client establishes an anonymous logon by using a named pipe connection.
Affected Products
Microsoft Windows XP (all versions)
Impact
Disclosure of sensitive system information
Recommended Actions
Microsoft has released a critical update to fix this vulnerability. Please apply update MS05-007 on all affected systems.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |