Skip to main content

Microsoft Windows SMB "mrxsmb.sys" Remote Heap Overflow Vulnerability

Last Update Date: 16 Feb 2011 17:01 Release Date: 16 Feb 2011 7029 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to cause a denial of service or take complete control of a vulnerable system. This issue is caused by a heap overflow error in the "BowserWriteErrorLogEntry()" function within the Windows NT SMB Minirdr "mrxsmb.sys" driver when processing malformed Browser Election requests, which could be exploited by remote unauthenticated attackers to crash an affected system or potentially execute arbitrary code with elevated privileges.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Microsoft Windows XP Service Pack 3
  • Microsoft Windows Server 2003 Service Pack 2

Solutions

  • It is not aware of any vendor-supplied patch.
  • Workaround: Block or filter UDP and TCP ports 138, 139 and 445.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link