Info

Disclosure

May 07, 1997

Discovery

Unknown

Dates

Exploit

May 07, 1997

Solution

Unknown

Description

Microsoft Windows and SCO Open Server contain a flaw that may allow a remote denial of service. The issue is triggered when an out-of-band packet is sent to port 139, and will result in loss of availability for the platform.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Microsoft and SCO have released a patch to address this vulnerability. Additionally, it is possible to mitigate this attack by implementing the following workaround: filter all traffic to TCP Port 139.

Products

Microsoft Corporation	Windows	95
		3.11
		NT 4.0
		NT 3.51

SCO Group, Inc.

Open Server

5.0

References

Microsoft Knowledge Base Article: 168747 179129
ISS X-Force ID: 173
CVE ID: 1999-0153 (see also: NVD)
Bugtraq ID: 2010
CIAC Advisory: h-57
Packet Storm: http://packetstormsecurity.org/Exploit_Code_Archive/winnuke.c
Keyword: OOB TCP Port 139 WinNuke winnuke.c

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/1666

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

SCO Group, Inc.

Open Server

References

Credit