SMB: Dialect Index Overflow
This protocol anomaly triggers if it detects a server requesting the index number of a supported dialect that is greater than the number of dialects supported by the client (redirector).
Extended Description
Microsoft Windows Server Message Block handler is reported prone to a remote buffer-overflow vulnerability. Note that since SMB drivers execute in the kernel memory space, a successful attack can grant a remote attacker unauthorized access with ring-0 privileges. Microsoft has noted that other protocols, such as IPX/SPX, could also be vulnerable to this issue. **Update: Microsoft Windows NT 4.0 has also been reported vulnerable to this issue.
Affected Products
Microsoft windows_xp_media_center_edition
References
BugTraq: 12484
CVE: CVE-2005-0045
URL: http://www.microsoft.com/technet/security/Bulletin/MS05-011.mspx
Short Name
SMB:OF:DIALECT-INDEX-OVERFLOW
Severity
Major
Recommended
False
Recommended Action
None
Category
SMB
Keywords
CVE-2005-0045 MS05-011 bid:12484
Release Date
02/15/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
7.5