RPC.ypasswdd service in Windows Server 2003?

I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. It
reported that it has found two vulnerabilities, RPC.ypasswdd service
vulnerability and Samba buffer overflow.

According to CERT and Security Focus, they are more *IX based
vulnerabilities.

What cause NSS identify these two vulnerabilites? How can I resolve this
issue?

Could someone please shed some light? Any pointers/comments are appreciated.

Thanks,

Doug Fox <dfox138-no-spam@hotmail.com> wrote:
> I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. It
> reported that it has found two vulnerabilities, RPC.ypasswdd service
> vulnerability and Samba buffer overflow.

Hm... did you really have UNIX services on it? And why Samba? ;-)
Perhaps LANGuard NSS is showing strange things here ;-)

> According to CERT and Security Focus, they are more *IX based
> vulnerabilities.

Yes.

> What cause NSS identify these two vulnerabilites? How can I resolve this
> issue?

Please ask GFI support.

BTW: http://www.nessus.org/ http://www.gnessus.org/
http://porz-wahn.berlios.de/

Yours,
VB.
--
"Ich bin ein freier Mensch und werde jetzt von meinen Freiheitsrechten
Gebrauch machen - und zwar ausgiebig - natürlich nur in dem Rahmen, den
Otto Schily mir noch zur Verfügung stellt."
Wolfgang Clement am 10.10.05 als Noch-Superminister

a friend asked this on the GFI forum. Until now, there is no response :-0

"Volker Birk" <bumens@dingens.org> wrote in message
news:4353d824@news.uni-ulm.de...
> Doug Fox <dfox138-no-spam@hotmail.com> wrote:
>> I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. It
>> reported that it has found two vulnerabilities, RPC.ypasswdd service
>> vulnerability and Samba buffer overflow.
>
> Hm... did you really have UNIX services on it? And why Samba? ;-)
> Perhaps LANGuard NSS is showing strange things here ;-)
>
>> According to CERT and Security Focus, they are more *IX based
>> vulnerabilities.
>
> Yes.
>
>> What cause NSS identify these two vulnerabilites? How can I resolve this
>> issue?
>
> Please ask GFI support.
>
> BTW: http://www.nessus.org/ http://www.gnessus.org/
> http://porz-wahn.berlios.de/
>
> Yours,
> VB.
> --
> "Ich bin ein freier Mensch und werde jetzt von meinen Freiheitsrechten
> Gebrauch machen - und zwar ausgiebig - natürlich nur in dem Rahmen, den
> Otto Schily mir noch zur Verfügung stellt."
> Wolfgang Clement am 10.10.05 als Noch-Superminister