Industry

Buffer Overrun in Windows Could Lead to Data Corruption

By Thomas McGuire July 12, 2003, 5:08

Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.

Affected Software:
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Windows XP Professional

A flaw exists in the way that the server validates the parameters of an SMB packet. When a client system sends an SMB packet to the server system, it includes specific parameters that provide the server with a set of "instructions." In this case, the server is not properly validating the buffer length established by the packet. If the client specifies a buffer length that is less than what is needed, it can cause the buffer to be overrun.

By sending a specially crafted SMB packet request, an attacker could cause a buffer overrun to occur. If exploited, this could lead to data corruption, system failure, or---in the worst case---it could allow an attacker to run the code of their choice. An attacker would need a valid user account & would need to be authenticated by the server to exploit this flaw.

Patch availability
Download locations for this patch.

2 comments 0 likes and shares

Tech Jobs: Find the next step in your career

Related Stories

Featured on TechSpot