Denial of Service in Microsoft Windows Server Message Block

Reported August 22, 2002, by Core Security Technologies.



· Windows XP Professional
· Windows 2000 Advanced Server
· Windows 2000 Server
· Windows 2000 Professional
· Windows NT Workstation 4.0
· Windows NT Server 4.0
· Windows NT Server 4.0, Terminal Server Edition




An unchecked buffer in Microsoft’s Server Message Block (SMB) implementation can result in a remotely exploitable Denial of Service (DoS) condition on a vulnerable system. By sending a specially crafted packet requesting certain transactions of the SMB command SMB_COM_TRANSACTION, an attacker can halt the OS with a blue screen. You can find detailed information about this vulnerability on the discoverer’s Web site.




The vendor, Microsoft, has released Security Bulletin MS02-045 (Unchecked Buffer in Network Share Provider Can Lead to Denial of Service) to address this vulnerability and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.


Discovered by Alberto Solino and Hernan Ochoa of Core Security Technologies.

