Signature Detail

SMB: Winblast DoS

Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability

Extended Description

A vulnerability has been identified in Microsoft Windows when file Sharing with a Unix client is enabled. It has been reported that this issue presents itself if a system has enabled file sharing with a Unix client running Samba. An attacker on a Unix client with write/create permissions to the mounted share can cause a resource exhaustion condition in the Windows system. The issue may be exploited by creating and deleting up to 1000 directories on a share. The resource exhaustion occurs when a large number of directories (from 3.5 million to 5.8 million) have been deleted and created. Successful exploitation of this attack may cause a Windows system to discontinue file sharing due to memory exhaustion. This issue may not be reproducible using a Windows cient. Microsoft Windows XP Professional Service Pack 1 and Microsoft Windows Server 2003 are reported to be vulnerable to this issue. This issue does not affect Microsoft Windows 2000 Professional and prior.

Affected Products

• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home
• Microsoft Windows XP Media Center Edition
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional

References

• BugTraq: 9467
• URL: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/fs/microsoft_smb_protocol_and_cifs_protocol_overview.asp