Microsoft Security Bulletin MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure (Q824105) Title: Flaw in NetBIOS Could Lead to Information Disclosure (824105) Date: 03 September 2003 Software: - Microsoft Windows NT 4.0 Server - Microsoft Windows NT 4.0, Terminal Server Edition - Microsoft Windows 2000 - Microsoft Windows XP - Microsoft Windows Server 2003 Impact: Information Disclosure Max Risk: Low Bulletin: MS03-034 Microsoft encourages customers to review the Security Bulletins at: http://www.microsoft.com/technet/security/bulletin/MS03-034.asp ....This vulnerability involves one of the NetBT (NetBIOS over TCP) services, namely, the NetBIOS Name Service (NBNS). NBNS is analogous to DNS in the TCP/IP world and it provides a way to find a system's IP address given its NetBIOS name, or vice versa. If best security practices have been followed and port 137 UDP has been blocked at the firewall, Internet based attacks would not be possible. Though this fix is not related to SQL Server, but most of the systems hosted with Windows OS, thought this would help. _________ Satya SKJ Moderator SQL-Server-Performance.Com
