Title: Obtain OS type via SNMP
ID: 10800
Category: SNMP
URL: http://www.securityspace.com/smysecu....html?id=10800
Summary: Enumerates OS via SNMP
This script uses SNMP to obtain the remote operating system type and version

Title: checks for MS HOTFIX for snmp buffer overruns
ID: 10865
Category: Windows
URL: http://www.securityspace.com/smysecu....html?id=10865
Summary: Determines whether the hotfix Q314147 is installed
There is an Unchecked Buffer in SNMP Service
and this checks to see if the Microsoft Patch
has been applied (only checks NT/Win2k and XP PRo).

Impact of vulnerability: Run code of attacker's choice and denial of service attacks.
Also may run snmp detect to see if snmp is running on this host.

Recommendation: Customers should install the patch immediately or disable snmp (you should disable all unused services)

Affected Software:

Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP

See http://www.microsoft.com/technet/sec...n/ms02-006.asp
(note about risk factor: Medium if not running snmp - because someone could enable it
High if not patched and running snmp)

Risk factor : Medium/High

Source: www.securityspace.com