Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows SMB畸形管道请求处理远程拒绝服务漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Windows的Server驱动(srv.sys)在处理某些SMB数据时存在空指针引用错误,远程攻击者可能利用此漏洞导致Windows系统崩溃死机。 如果远程攻击者向有漏洞的系统发送了包含有非正常终止的SMB_COM_TRANSACTION SMB消息(0x25)的话,就可能导致蓝屏死机。目前已有公开的攻击代码。
CVSS Information
N/A
Vulnerability Type
N/A