
CERT Coordination Center

Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetServerEnum3 transaction

Vulnerability Note VU#311619

Original Release Date: 2002-08-23 | Last Revised: 2002-08-26


Microsoft Server Message Block (SMB) may crash upon receipt of a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum3 transaction. Attackers can use this vulnerability to cause a denial of service.


SMB is a protocol for sharing data and resources between computers, included in many versions of Microsoft Windows.

SMB may crash if it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. If either the 'Max Param Count' field or 'Max Data Count' field of the packet is set to zero (0), the destination SMB host will crash with a blue screen. This vulnerability can be exploited by both local and remote attackers.
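A defender can check captured SMB1 traffic for the condition described above. The following Python detector is an added example, not CERT/CC or vendor code: it flags SMB_COM_TRANSACTION requests that carry a NetServerEnum2 or NetServerEnum3 call with a zero 'Max Param Count' or 'Max Data Count'. The RAP opcode values (0x0068, 0x00D7) are taken from the MS-RAP specification rather than this note, and the function names and the header-only sample fragment are constructed for illustration.

```python
import struct

SMB_COM_TRANSACTION = 0x25
# RAP opcodes per MS-RAP (assumption: not stated in the vulnerability note).
RAP_OPCODES = {0x0068: "NetServerEnum2", 0x00D7: "NetServerEnum3"}
HDR_LEN = 32  # fixed SMB1 header size


def inspect_transaction(msg: bytes):
    """Return a finding string for a suspicious request, else None.

    msg is one SMB1 message starting at the 0xFF 'SMB' magic
    (NetBIOS session header already stripped).
    """
    if len(msg) < HDR_LEN + 1 or msg[:4] != b"\xffSMB":
        return None
    if msg[4] != SMB_COM_TRANSACTION or msg[9] & 0x80:  # 0x80 = server reply
        return None
    word_count = msg[HDR_LEN]
    words = msg[HDR_LEN + 1 : HDR_LEN + 1 + 2 * word_count]
    if word_count < 14 or len(words) < 28:
        return None  # truncated, or not a primary transaction request
    (_tot_p, _tot_d, max_param, max_data, _max_setup, _r1, _flags, _timeout,
     _r2, param_count, param_off) = struct.unpack_from("<HHHHBBHIHHH", words)
    if param_count < 2 or param_off + 2 > len(msg):
        return None  # no room for a RAP opcode
    (opcode,) = struct.unpack_from("<H", msg, param_off)
    name = RAP_OPCODES.get(opcode)
    if name is None:
        return None
    zero = [f for f, v in (("MaxParameterCount", max_param),
                           ("MaxDataCount", max_data)) if v == 0]
    return f"{name} request with zero {' and '.join(zero)}" if zero else None


def sample(max_param, max_data, opcode=0x0068):
    """Constructed header-only fragment for testing; not a real capture."""
    hdr = b"\xffSMB" + bytes([SMB_COM_TRANSACTION]) + bytes(27)
    param_off = HDR_LEN + 1 + 28 + 2  # after WordCount, words and ByteCount
    words = struct.pack("<HHHHBBHIHHHHHBB", 2, 0, max_param, max_data,
                        0, 0, 0, 0, 0, 2, param_off, 0, param_off + 2, 0, 0)
    return hdr + bytes([14]) + words + struct.pack("<HH", 2, opcode)
```

The check covers only a primary request held in a single message; it does not reassemble secondary transaction messages.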


Remote attackers can cause a denial of service. Attackers may also be able to execute arbitrary code, though this has not been demonstrated or proven.


Apply a patch

For more information, see:

Vendor Information


Microsoft Corporation

Notified: July 15, 2002 | Updated: August 23, 2002



Vendor Statement


Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | |



Thanks to Ivan Arce of CORE Security Technologies for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

CVE IDs: None
Severity Metric: 0.87
Date Public: 2002-08-22
Date First Published: 2002-08-23
Date Last Updated: 2002-08-26 18:22 UTC
Document Revision: 9

Sponsored by CISA.