Microsoft KB Archive/262388

= Denial-of-Service Attack Possible from Linux RPC Client =

Article ID: 262388

Article Last Modified on 2/19/2007

-

APPLIES TO


 * Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 4
 * Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 5
 * Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 6
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows NT Server 4.0 Standard Edition
 * Microsoft Windows NT 4.0 Service Pack 1
 * Microsoft Windows NT 4.0 Service Pack 2
 * Microsoft Windows NT 4.0 Service Pack 3
 * Microsoft Windows NT 4.0 Service Pack 4
 * Microsoft Windows NT 4.0 Service Pack 5
 * Microsoft Windows NT 4.0 Service Pack 6a
 * Microsoft Windows NT Server 4.0 Enterprise Edition
 * Microsoft Windows NT 4.0 Service Pack 4
 * Microsoft Windows NT 4.0 Service Pack 5
 * Microsoft Windows NT 4.0 Service Pack 6a
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Workstation 4.0
 * Microsoft Windows NT Workstation 4.0 Developer Edition

-



This article was previously published under Q262388



SYMPTOMS
If Windows 2000 receives a Server Message Block (SMB) packet with an invalid length, it may corrupt memory. The corruption will usually cause a blue screen error message.



Windows 2000
This was fixed by checking the length of the packet received to ensure it is valid. If the length is not valid, the packet is rejected.

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

Windows NT 4.0
To resolve this problem, obtain the Windows NT 4.0 Security Rollup Package. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

299444 Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)

Microsoft Windows NT Server version 4.0, Terminal Server Edition
To resolve this problem, obtain the Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For additional information about the SRP, click the article number below to view the article in the Microsoft Knowledge Base:

317636 Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package



STATUS
Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft Windows 2000. This problem was first corrected in Windows 2000 Service Pack 1.

Additional query words: security_patch

Keywords: kbbug kbfix kbwin2000sp1fix kbnetwork kbsecurity KB262388

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.