APP: Microsoft Systems Management Server (SMS) Denial of Service
This signature detects attempts to exploit a known vulnerability against the Remote Control Client service in Microsoft Systems Management Server (SMS). SMS 2.50 is vulnerable. Because the service does not properly validate user input, attackers can send a maliciously crafted request to a control port and crash the service.
Extended Description
Reportedly Microsoft Systems Management Server is vulnerable to a remote denial of service vulnerability. This issue is due to a failure of the affected server to handle exceptional conditions. Successful exploitation of this issue will allow an attacker to trigger a denial of service condition in the affected server. Code execution might be possible but is unlikely and unconfirmed.
Affected Products
Microsoft systems_management_server
Short Name
APP:MS-SMS-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
(SMS) CVE-2004-0728 Denial Management Microsoft Server Service Systems bid:10726 of
Release Date
08/12/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/2702
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0