SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#250635

Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetServerEnum2 transaction

Overview

Microsoft Server Message Block (SMB) may crash when it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. Attackers can use this vulnerability to cause a denial of service.

I. Description

SMB is a protocol for sharing data and resources between computers. It is included in many versions of Microsoft Windows.

SMB will crash if it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. If either the 'Max Param Count' field or the 'Max Data Count' field of the packet is set to zero (0), the destination SMB host will crash with a blue screen. This vulnerability can be exploited by both local and remote attackers.

II. Impact

Remote attackers can cause a denial of service. Attackers may also be able to execute arbitrary code, though this has not been demonstrated or proven.

III. Solution

Apply a patch


For more information, see:

http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-045.asp

Disable anonymous access

Disable anonymous SMB access. See Microsoft Knowledge Base Article 246261 for information about configuring anonymous access in Windows 2000. Note that disabling this access will not prevent authenticated users from exploiting this vulnerability and may actually have adverse affects in mixed-mode domains.

Block or Restrict Access

Block access to SMB services (139/tcp, 445/tcp) from untrusted networks such as the Internet.

Systems Affected

VendorStatusDate Updated
Microsoft CorporationVulnerable23-Aug-2002

References


http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-045.asp
http://www.securityfocus.com/bid/5556

Credit

Thanks to Ivan Arce for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

Date Public08/22/2002
Date First Published08/23/2002 10:29:53 AM
Date Last Updated08/19/2003
CERT Advisory 
CVE NameCAN-2002-0724
US-CERT Technical Alerts 
Metric5.02
Document Revision16

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2002 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader