VULHUB ™

A vulnerability has been identified in Microsoft Windows when file Sharing with a Unix client is enabled. It has been reported that this issue presents itself if a system has enabled file sharing with a Unix client running Samba. An attacker on a Unix client with write/create permissions to the mounted share can cause a resource exhaustion condition in the Windows system. The issue may be exploited by creating and deleting up to 1000 directories on a share. The resource exhaustion occurs when a large number of directories (from 3.5 million to 5.8 million) have been deleted and created. Successful exploitation of this attack may cause a Windows system to discontinue file sharing due to memory exhaustion. This issue may not be reproducible using a Windows cient. Microsoft Windows XP Professional Service Pack 1 and Microsoft Windows Server 2003 are reported to be vulnerable to this issue. This issue does not affect Microsoft Windows 2000 Professional and prior.

A vulnerability has been identified in Microsoft Windows when file Sharing with a Unix client is enabled. It has been reported that this issue presents itself if a system has enabled file sharing with a Unix client running Samba. An attacker on a Unix client with write/create permissions to the mounted share can cause a resource exhaustion condition in the Windows system. The issue may be exploited by creating and deleting up to 1000 directories on a share. The resource exhaustion occurs when a large number of directories (from 3.5 million to 5.8 million) have been deleted and created. Successful exploitation of this attack may cause a Windows system to discontinue file sharing due to memory exhaustion. This issue may not be reproducible using a Windows cient. Microsoft Windows XP Professional Service Pack 1 and Microsoft Windows Server 2003 are reported to be vulnerable to this issue. This issue does not affect Microsoft Windows 2000 Professional and prior.