SMB: Winblast DoS
Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability
Extended Description
A vulnerability has been identified in Microsoft Windows when file Sharing with a Unix client is enabled. It has been reported that this issue presents itself if a system has enabled file sharing with a Unix client running Samba. An attacker on a Unix client with write/create permissions to the mounted share can cause a resource exhaustion condition in the Windows system. The issue may be exploited by creating and deleting up to 1000 directories on a share. The resource exhaustion occurs when a large number of directories (from 3.5 million to 5.8 million) have been deleted and created. Successful exploitation of this attack may cause a Windows system to discontinue file sharing due to memory exhaustion. This issue may not be reproducible using a Windows cient. Microsoft Windows XP Professional Service Pack 1 and Microsoft Windows Server 2003 are reported to be vulnerable to this issue. This issue does not affect Microsoft Windows 2000 Professional and prior.
Affected Products
Microsoft windows_server_2003_datacenter_edition
Short Name
SMB:EXPLOIT:WINBLAST-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMB
Keywords
bid:9467
Release Date
02/10/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft