|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
Description |
A vulnerability has been discovered in the Windows Network Share Provider service (Lanman server) that would allow an attacker to remotely crash the operating system of an affected platform. This vulnerability can be triggered through an anonymous null session as well as a valid user account and requires network access to either port 139/tcp or 445/tcp.
|
|
Classification |
Attack Type:
Input Manipulation
|
|
Technical |
An attacker could exploit this vulnerability by sending a malformed SMB_CON_TRANSACTION packet on Port 139 and 445 to a target computer and cause it to crash. The attacker could use both a user account and anonymous access to accomplish this. Though not confirmed, it may be possible to execute arbitrary code.
|
|
Solution |
Install Microsoft Windows Patch from Microsoft TechNet http://www.microsoft.com/technet/security/bulletin/ms02-045.asp, or block access to Port 139 and 445 (not applicable for file and printing environment). If possible remove Anonymous access.
|
|
Products |
|
Windows
 |
2000 Advanced Server |
2000 Professional |
2000 Server |
NT 4.0 |
NT 4.0 Server |
NT 4.0 Workstation |
XP |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
