VID 26046
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (KB817606) for the "Buffer Overrun Vulnerability in SMB request handler" has not been applied.
Server Message Block (SMB) is the Internet Standard protocol that Windows uses to share files, printers, serial ports, and to communicate between computers using named pipes and mail slots.
For network resources, clients make SMB requests and servers make SMB responses, in what is described as a client-server request-response protocol. Because the system does not sufficiently validate the buffer size for certain incoming SMB packets, an attacker can cause a buffer overrun by sending a specially crafted SMB packet request. If exploited, this could lead to data corruption, system failure, or, in the worst case, allow an attacker to run code of their choice.

* Note: An attacker would need a valid user account and would need to be authenticated by the server to exploit this flaw. This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a False Negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/MS03-024.asp

* Platforms Affected:
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Recommendation Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS03-024:
http://www.microsoft.com/technet/security/bulletin/MS03-024.asp

1. Open the page for your platform:
For Windows NT 4.0 Server: http://microsoft.com/downloads/details.aspx?FamilyId=1CA9A59A-3074-4D73-82C8-68A37B3BBB80&displaylang=en
For Windows NT 4.0, Terminal Server Edition: http://microsoft.com/downloads/details.aspx?FamilyId=19C2A999-AAD4-44A6-B608-0178874387AB&displaylang=en
For Windows 2000: http://microsoft.com/downloads/details.aspx?FamilyId=8290DBEC-6072-45B9-A91D-E4C1FD93E3E1&displaylang=en
For Windows XP 32 bit Edition: http://microsoft.com/downloads/details.aspx?FamilyId=8F407A78-646C-4F82-BF74-12298ED5D8CF&displaylang=en
For Windows XP 64 bit Edition: http://microsoft.com/downloads/details.aspx?FamilyId=2644E2F3-92F2-40B3-8887-72FEB81CA58D&displaylang=en
2. Select your language from the drop-down list at the top of the page and then click the <Go> button.
3. Click the <Download> button to download the patch file.
4. Run this file to install the patch.
5. Reboot your system to complete installation.

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2003-0345 (CVE)
Related URL 8152 (SecurityFocus)
Related URL (ISS)