{"vuid":"VU#250635","idnumber":"250635","name":"Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetServerEnum2 transaction","keywords":["Microsoft Windows","Server Message Block","SMB","SMB_COM_TRANSACTION","crafted packet","NetServerEnum2 transaction","Max Data Count","Max Param Count","MS02-045","Q326830"],"overview":"Microsoft Server Message Block (SMB) may crash when it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. Attackers can use this vulnerability to cause a denial of service.","clean_desc":"SMB is a protocol for sharing data and resources between computers. It is included in many versions of Microsoft Windows. SMB will crash if it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. If either the 'Max Param Count' field or the 'Max Data Count' field of the packet is set to zero (0), the destination SMB host will crash with a blue screen. This vulnerability can be exploited by both local and remote attackers.","impact":"Remote attackers can cause a denial of service. Attackers may also be able to execute arbitrary code, though this has not been demonstrated or proven.","resolution":"Apply a patch For more information, see: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-045.asp","workarounds":"Disable anonymous access Disable anonymous SMB access. See Microsoft Knowledge Base Article 246261 for information about configuring anonymous access in Windows 2000. Note that disabling this access will not prevent authenticated users from exploiting this vulnerability and may actually have adverse affects in mixed-mode domains. Block or Restrict Access Block access to SMB services (139/tcp, 445/tcp) from untrusted networks such as the Internet.","sysaffected":"","thanks":"Thanks to Ivan Arce for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-045.asp","http://www.securityfocus.com/bid/5556"],"cveids":["CVE-2002-0724"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-07-12T17:41:58Z","publicdate":"2002-08-22T00:00:00Z","datefirstpublished":"2002-08-23T14:29:54Z","dateupdated":"2003-08-19T21:12:06Z","revision":16,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"3","cam_easeofexploitation":"14","cam_attackeraccessrequired":"17","cam_scorecurrent":"5.0203125","cam_scorecurrentwidelyknown":"6.024375","cam_scorecurrentwidelyknownexploited":"10.040625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.0203125,"vulnote":null}