| VID |
26050 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q326830) for the "Denial of Service Vulnerability in Network Share Provider" has not been applied. Microsoft Server Message Block (SMB) is a protocol for sharing data and resources between computers. A buffer overflow in the SMB protocol implementation in Microsoft Windows NT, Windows 2000, and Windows XP allows an attacker to cause a denial of service (crash) via an SMB_COM_TRANSACTION packet with a request for (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3. An attacker can do this with either a user account or anonymous access. Though not confirmed, it may be possible to execute arbitrary code.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts. If you want to perform a buffer overflow test, enable the "SMB/windows/netshare/dos" item under "Denial of Service Attacks" in the Policy Editor and then scan.
* References: http://www.microsoft.com/technet/security/bulletin/MS02-045.asp
* Platforms Affected: Microsoft Windows NT 4.0 Workstation/Server; Microsoft Windows NT 4.0 Server, Terminal Server Edition; Microsoft Windows 2000 Professional/Server/Advanced Server; Windows XP Professional |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS02-045, http://www.microsoft.com/technet/security/bulletin/MS02-045.asp
1. Open the download page for your platform:
   * For Microsoft Windows NT 4.0: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41493
   * For Microsoft Windows NT 4.0 Terminal Server Edition: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41519
   * For Microsoft Windows 2000: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41468
   * For Microsoft Windows XP: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41524
   * For Microsoft Windows XP 64 bit Edition: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41549
2. Select your language from the drop-down list at the top of the page, and then click the <Next> button.
3. Click the <Download Now> button to download the patch file.
4. Run the file to install the patch.
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2002-0724 (CVE) |
| Related URL |
5556 (SecurityFocus) |
| Related URL |
9933 (ISS) |
|