header-logo
Suggest Exploit
vendor:
by:
Anonymous
5.5
CVSS
MEDIUM
Denial of Service (DoS)
400
CWE
Product Name:
Affected Version From: Windows NT, possibly Windows 95
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: UNIX
1997

Crash vulnerability in Winpopup message handling

Sending a very long username in a Winpopup message can crash an NT box (possibly W95 too). This can be achieved easily from UNIX with 'smbclient -U LOTSandLOTSofcrap -M host'.

Mitigation:

Limit the length of usernames in Winpopup messages
Source

Exploit-DB raw data:

You can crash an NT box (possibly W95 too) by sending a very long username in a Winpopup message. This is easy to do from UNIX with 'smbclient -U LOTSandLOTSofcrap -M host'.

# milw0rm.com [1997-04-01]

Navigation

Suggest Exploit

Services By CQR