{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows 2000 Server Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 64-Bit Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Server Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Server 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Server Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLe service Windows Internet Naming Service (WINS) permet une r\u00e9solution\ndes adresses IP en nom de machines NetBIOS. Selon Microsoft, une\nvuln\u00e9rabilit\u00e9 dans le service Windows Internet Naming Service (WINS)\npermet \u00e0 un utilisateur mal intentionn\u00e9, via l'envoi de paquets\njudicieusement construits, de r\u00e9aliser un d\u00e9ni de service.\n\n## Contournement provisoire\n\n-   Filtrer les ports 42/TCP et UDP/137 ;\n-   D\u00e9sinstaller le service WINS s'il n'est pas utilis\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 MS04-006 de Microsoft  :","url":"http://www.microsoft.com/technet/security/bulletin/MS04-006.asp"}],"reference":"CERTA-2004-AVI-031","revisions":[{"description":"version initiale.","revision_date":"2004-02-11T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service"}],"summary":"Selon Microsoft, une vuln\u00e9rabilit\u00e9 dans le service Windows Internet\nNaming Service (WINS) permet \u00e0 un utilisateur mal intentionn\u00e9 de\nr\u00e9aliser un d\u00e9ni de service.\n","title":"Vuln\u00e9rabilit\u00e9 de Windows Internet Naming Service (WINS)","vendor_advisories":[{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 Microsoft MS04-006","url":null}]}