=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN615
_____________________________________________________________________

DATE                      : 12/10/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Server 2003.

======================================================================

MS05-046 - Vulnerability in the Client Services for Netware Could
            Allow Remote Code Execution (899589)

   - Affected Software:
     - Windows 2000 Service Pack 4
     - Windows XP Service Pack 1
     - Windows XP Service Pack 2
     - Windows Server 2003
     - Windows Server 2003 Service Pack 1

     - Impact: Remote Code Execution
     - Version Number: 1.0

Full MS05-046 advisory:
http://www.microsoft.com/technet/security/bulletin/MS05-046.mspx


Vulnerability Details:
	
Client Service for NetWare Vulnerability - CAN-2005-1985:

A remote code execution vulnerability exists in the Client Service for NetWare
(CSNW) that could allow an attacker who successfully exploited this vulnerability
to take complete control of the affected system.

By default, CSNW is not installed on any affected operating system version.
Only customers who manually installed CSNW could be vulnerable to this issue.

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================