[26869] in bugtraq
Re: Yet another SMB dos concept code
daemon@ATHENA.MIT.EDU (Kevin Gennuso)
Thu Aug 29 17:23:14 2002
Date: Thu, 29 Aug 2002 16:39:24 -0400 (EDT)
From: Kevin Gennuso <goosey@icubed.com>
To: bugtraq@securityfocus.com
Message-ID: <Pine.BSF.4.44.0208291634020.40299-100000@users.icubed.com>
> I've tried it against some Windows 2000/NT 4.0 machines and I noticed
> that disabling NetBIOS Null Session will keep you safe from this DoS.

Don't be fooled - disabling null sessions will only prevent
non-authenticated users from being able to execute the attack. Users with
accounts on the box (or the domain, depending on your situation) will
still be able to play bouncy-bouncy with the machine.

Read the Microsoft article (MS02-045) - it details all of this info.

Also note that this exploit works on unpatched XP and .NET servers as
well.

Kevin