RE: [Full-Disclosure] smbmount disrupts Windows file sharing.

From: Steve Wray (steve.wray_at_paradise.net.nz)
Date: 02/03/04

  • Next message: Damian Gerow: "Re: [Full-Disclosure] Email" 
    Date: Wed, 04 Feb 2004 07:30:40 +1300
To: "'Daniel Kabs [ML]'" <dkabs@mobotix.com>, bugtraq@securityfocus.com, full-disclosure@lists.netsys.com

    Has anyone tried to replicate this from Windows?
    (ie create a windows batch file which does the
    same thing)? Or is the windows batch file language
    too restricted to allow this sort of script?

    Forgive my windows ignorance...

    > -----Original Message-----
    > From: full-disclosure-admin@lists.netsys.com
    > [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
    > Daniel Kabs [ML]
    > Sent: Tuesday, 3 February 2004 4:41
    > To: bugtraq@securityfocus.com; full-disclosure@lists.netsys.com
    > Subject: [Full-Disclosure] smbmount disrupts Windows file sharing.
    >
    >
    > Announced: 2004-02-02
    > Type: Denial of Service Attack on Windows
    > Impact: smbmount can stop Windows from sharing files
    > Writer: Daniel Kabs, Germany (daniel.kabs@gmx.de)
    > Credits: Thanks to Steve Ladjabi (steve.ladjabi@web.de)
    >
    > Contents:
    > 1. Abstract
    > 2. Affected Systems
    > 3. Attack Setup
    > 4. Symptoms
    > 5. Workaround
    >
    >
    > 1. Abstract
    >
    > A security vulnerability of "Windows XP" and "Windows 2003
    > Server" has been found. Theses systems are open to a denial
    > of service attack. If they share folders to a Unix client
    > that is using smbmount (part of the Samba suite), any user
    > on the client who has permissions to create directories on
    > the mounted share can stop the Windows system from serving
    > files. The attack induces a memory shortage on the Windows
    > system by creating directories in a special way.
    [snip]

  • Next message: Damian Gerow: "Re: [Full-Disclosure] Email"

    Relevant Pages