SMB: Windows SMB Client Transaction Response Handling Vulnerability (2)
This signature detects attempts to exploit a known vulnerability in Samba clients. Attackers can crash the server, create a denial of service or execute arbitrary code.
Extended Description
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.
Affected Products
Microsoft windows_2000
References
BugTraq: 12484
CVE: CVE-2005-0045
URL: http://www.kb.cert.org/vuls/id/652537 http://www.us-cert.gov/cas/techalerts/TA05-039A.html
Short Name
SMB:EXPLOIT:GREENAPPLE-2
Severity
Warning
Recommended
False
Recommended Action
None
Category
SMB
Keywords
(2) CVE-2005-0045 Client Handling Response SMB Transaction Vulnerability Windows bid:12484
Release Date
06/27/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Rarely
Vendors
Microsoft
CVSS Score
7.5