NSFocus Security Advisory(SA2000-05) - Microsoft Windows 9x NETBIOS password verification contains a vulnerability which allows an attacker to use a share only knowing the first byte of the password, which can easily be guessed. This is the flaw described in ms00-072 which affects Windows 95, 98, and 98se.
7aef63a9de0679d5b03e709420e8ddace4d85f1bf4c6394a3d8949d58d90ea2a
[01.gif] [02.gif]
[t5.jpg]
NSFOCUS Security Advisory(SA2000-05)
Topic£º Microsoft Windows 9x NETBIOS password verification
vulnerability
Release Date£º August 24, 2000
Affected System£º
================
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98 Second Edition
Non-affected System£º
====================
- Windows NT 4.0
- Windows 2000
Impact:
==========
A vulnerability exists in the password verification scheme utilized by
Microsoft Windows 9x NETBIOS protocol implementation. This
vulnerability will allow any user to access the Windows 9x file shared
service with password protection. Attacker don't have to know the
share password.
Description£º
=============
You can set password to protect Microsoft Windows 9x system's shared
resources. But a vulnerability exists in the password verification
scheme utilized by Microsoft Windows 9x NETBIOS protocol
implementation. To verify the password, the length of the password
depends on the length of the data sent from client to server. That is,
if a client set the length of password to be 1 byte and send the
packet to server, the server will only compare it with the first byte
of the shared password, and if consistent, verification process is
done. All an attacker need to do is to guess and try the first byte of
password in the victim .
Windows 9x remote management system is also affected cause it adopts
the same shared password authentication method.
Workaround£º
=========
Close Microsoft file shared service.
Microsoft has been informed.
DISCLAIMS:
==========
THE INFORMATION PROVIDED IS RELEASED BY NSFOCUS "AS IS" WITHOUT
WARRANTY OF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESS
OR IMPLIED, EXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO
EVENTSHALL NSFOCUS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING
DIRECT, INDIRECT, INCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS
OR SPECIAL DAMAGES, EVEN IF NSFOCUS HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. DISTRIBUTION OR REPRODUTION OF THE
INFORMATION IS PROVIDED THAT THE ADVISORY IS NOT MODIFIED IN ANY WAY.
©Coypright 1999-2000 NSFOCUS. All Rights Reserved. Terms of use.
NSFOCUS Security Team <security@nsfocus.com>
NSFOCUS INFORMATION TECHNOLOGY CO.,LTD
(http://www.nsfocus.com)
©Copyright 2000 NSFOCUS Information Technology Co.,Ltd. All Rights
Reserved.
Contact:webmaster@nsfocus.com