13596 : Microsoft Windows XP Named Pipe Username Disclosure
Printer | http://osvdb.org/13596 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
5	704	over 8 years ago	about 5 years ago	0 times	90%

Timeline

Disclosure Date
2005-02-08

Description

Windows contains a flaw related to the use of named pipes that may allow an attacker to gather the usernames of users connected to a shared resource. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Unknown

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	XP SP1
		XP SP2
		XP 64-Bit SP1

References

Security Tracker: 1013112
SCIP VulDB ID: 1190
Secunia Advisory ID: 14189
ISS X-Force ID: 19093
CVE ID: 2005-0051 (see also: NVD)
Microsoft Knowledge Base Article: 888302
CERT VU: 939074
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0059.html
Microsoft Security Bulletin: MS05-007

Tools & Filters

	16331 16337

Credit

Jean-Baptiste Marchand - Herve Schauer Consultants

CVSSv2 Score

CVSSv2 Base Score = 7.5
Source: nvd.nist.gov | Generated: 2005-05-13 | Disagree?

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.