Microsoft Security Bulletin MS02-045: Unchecked Buffer in Network Shar


Recommended Posts

-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------

Title: Unchecked Buffer in Network Share Provider Can Lead to

Denial of Service (Q326830)

Date: 22 August 2002

Software: Microsoft Windows NT 4.0 Workstation

Microsoft Windows NT 4.0 Server

Microsoft Windows NT 4.0 Server, Terminal Sever Edition

Microsoft Windows 2000 Professional

Microsoft Windows 2000 Server

Microsoft Windows 2000 Advanced Server

Windows XP Professional

Impact: Denial of Service

Max Risk: Moderate

Bulletin: MS02-045

Microsoft encourages customers to review the Security Bulletin at:

http://www.microsoft.com/technet/security/...in/MS02-045.asp.

- ----------------------------------------------------------------------

Issue:

======

SMB (Server Message Block) is the protocol Microsoft uses to share

files, printers, serial ports, and also to communicate between

computers using named pipes and mail slots. In a networked

environment, servers make file systems and resources available to

clients. Clients make SMB requests for resources and servers make

SMB responses in what described as a client server, request-

response protocol.

By sending a specially crafted packet request, an attacker can mount

a denial of service attack on the target server machine and crash

the system. The attacker could use both a user account and anonymous

access to accomplish this. Though not confirmed, it may be possible

to execute arbitrary code.

Mitigating Factors:

====================

- - An administrator can block this attack by turning off anonymous

access. However, this does not prevent legitimate users from

exploiting this vulnerability.

- - An administrator can block access to SMB ports from untrusted

networks. By blocking TCP ports 445 and 139 at the network

perimeter, administrators can prevent this attack from untrusted

parties. In a file and printing environment, this may not be a

practical solution for legitimate users.

- - An administrator can stop the Lanman server service which prevents

the attack, but again may not be suitable on a file and print

sharing server.

Risk Rating:

============

- Internet systems: Low

- Intranet systems: Moderate

- Client systems: Moderate

Patch Availability:

===================

- A patch is available to fix this vulnerability. Please read the

Security Bulletin at

http://www.microsoft.com/technet/security/...in/ms02-045.asp

for information on obtaining this patch.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.