VID 26022
Severity 30
Port 139
Protocol TCP
Class SMB
Detailed Description The hotfix (Q287397) for the 'Malformed request to domain controller' problem has not been applied. This vulnerability can allow an attacker to temporarily disable a Windows 2000 domain controller.
If an attacker sent a continuous stream of such requests to an affected machine, it could consume most or all of the machine's CPU availability. This could cause the domain controller to process requests for service slowly or not at all, prevent new users from logging on, and prevent current users from accessing additional resources.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.

* References:
http://www.iss.net/security_center/static/6136.php
http://www.microsoft.com/technet/security/bulletin/ms01-011.asp
Recommendation Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS01-011. (http://www.microsoft.com/technet/security/bulletin/ms01-011.asp)
Related URL CVE-2001-0018 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)