Title: Unchecked Buffer in Network Share Provider Can Lead to
Denial of Service (Q326830)
Date: 22 August 2002
Software: Microsoft Windows NT 4.0 Workstation
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Sever Edition
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Windows XP Professional
Impact: Denial of Service
Max Risk: Moderate
Bulletin: MS02-045
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-045.asp.
SMB (Server Message Block) is the protocol Microsoft uses to share
files, printers, serial ports, and also to communicate between
computers using named pipes and mail slots. In a networked
environment, servers make file systems and resources available to
clients. Clients make SMB requests for resources and servers make
SMB responses in what described as a client server, request-
response protocol.
By sending a specially crafted packet request, an attacker can mount
a denial of service attack on the target server machine and crash
the system. The attacker could use both a user account and anonymous
access to accomplish this. Though not confirmed, it may be possible
to execute arbitrary code.