Buffer Overrun in Windows Could Lead to Data Corruption

By TS | Thomas
Jul 12, 2003
Topic Status:
Not open for further replies.
  1. Affected Software:
    Microsoft Windows NT Server 4.0
    Microsoft Windows NT Server 4.0, Terminal Server Edition
    Microsoft Windows 2000
    Windows XP Professional

    A flaw exists in the way that the server validates the parameters of an SMB packet. When a client system sends an SMB packet to the server system, it includes specific parameters that provide the server with a set of “instructions.” In this case, the server is not properly validating the buffer length established by the packet. If the client specifies a buffer length that is less than what is needed, it can cause the buffer to be overrun.

    By sending a specially crafted SMB packet request, an attacker could cause a buffer overrun to occur. If exploited, this could lead to data corruption, system failure, or—in the worst case—it could allow an attacker to run the code of their choice. An attacker would need a valid user account & would need to be authenticated by the server to exploit this flaw.

    Patch availability
    Download locations for this patch.
  2. tkteo

    tkteo Newcomer, in training Posts: 61

    The patch executable will not install if Win2K SP4 is installed. The error message says that certain files in the executable are older than SP4, and SP3 or earlier is required for the patch to install.
  3. TS | Thomas

    TS | Thomas Newcomer, in training Topic Starter Posts: 1,327

    Just checked into that on the proper knowledge base article for this patch. Yep, Windows 2000 SP4 supersedes this patch alright.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.