OSVDB ID: 26439

Title: Microsoft Windows SMB MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk Remote DoS

Info

Disclosure
Jun 13, 2006

Discovery
Feb 07, 2006

Dates

Exploit
Unknown

Solution
Unknown

Description

 Windows contains a flaw that may allow a remote denial of service. The issue is triggered when the MrxSmbCsIoctlCloseForCopyChunk function of SMB is passed the file handle for a shadow device, which will create a deadlock and result in loss of availability for the service.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Subsequent reports indicate the patch for this issue does not properly mitigate the vulnerability.

Products

Microsoft Corporation

Windows

 2000 SP4
XP SP1
XP SP2
XP Professional x64 Edition
2000 SP4
XP SP1
XP SP2
XP Professional x64 Edition

Windows Server

 2003
2003 SP1
2003 for Itanium
2003 SP1 for Itanium
2003 x64 Edition
2003
2003 SP1
2003 for Itanium
2003 SP1 for Itanium
2003 x64 Edition

References

Credit
  • Ruben Santamarta - advisoriesreversemode.com -
  • Ruben Santamarta - advisoriesreversemode.com -


Direct URL: http://osvdb.org/26439