- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21747
- Проверка EDB
-
- Пройдено
- Автор
- ZAMOLX3
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2002-0724
- Дата публикации
- 2002-08-22
Код:
source: https://www.securityfocus.com/bid/5556/info
Microsoft Windows operating systems use the Server Message Block (SMB) protocol to support services such as file and printer sharing. A buffer overflow vulnerability has been reporting in the handling of some malformed SMB requests.
An attacker may send a malformed SMB request packet in order to exploit this condition. It has been reported possible to corrupt heap memory, leading to a crash of the underlying system.
It may prove possible to exploit this vulnerability to execute arbitrary code and gain local access to the vulnerable system. This possibility has not, however, been confirmed.
Reportedly, this vulnerability may be exploited both as an authenticated user, and with anonymous access to the service.
It has been reported, by "Fabio Pietrosanti \(naif\)" <[email protected]>, that disabling the NetBIOS Null Session will prevent exploitation of this vulnerablity.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21747.zip
- Источник
- www.exploit-db.com