Remote Buffer Overflow Vulnerability in Windows

Question

Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability

Answer

This question was answered on July 1, 2005. Much of the information contained herein may have changed since posting.

Microsoft SMB is susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.

Remote attackers may exploit this vulnerability to execute arbitrary machine code in the context of the kernel containing the vulnerable code. Microsoft has stated that other attack vectors may exist, in the form of passing malicious parameters to the affected component, either locally or remotely.

Failed exploit attempts will likely crash the affected computer, denying service to legitimate users. This vulnerability effects all current Windows operating systems and has been addressed by a Windows Hotfix.

For more information on this exploit, as well as the fix and prevention, click here.

Author

Posted by Chad of Data Doctors on July 1, 2005

Flower Mound

972-539-9096

SW corner of Flower Mound Rd & Morriss Rd/Gerault Rd btwn Signature Kroger and City Vet

1221 Flower Mound Rd
#310
Flower Mound, TX 75028

Click for Map, Hours & Specials

Ask A Question!

Newsletter

Sign up for our weekly newsletter and get free tips and tricks to keep your computer running well.

:

See the Newsletter Archives


Listen to the Radio Program

The Latest Show - Facebook Buys Data Doctors, Tax Ready PC's & More




In the Press