MS.Windows.SVCCTL.Service.SMB.Access
Description
This indicates a possible attempt to exploit an information disclosure vulnerability in some versions of Microsoft Windows.
The vulnerability can be exploited by using hardcoded named pipes which allow for NULL sessions using the svcctl interface. As a result a remote attacker can list installed or running services on an affected computer.
Affected Products
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4
Impact
System compromise.
Information disclosure.
Recommended Actions
Microsoft has released patches to fix this issue. Please visit the Windows Update Center to download the patches specific to your platform.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |