Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

Bugtraq ID:	1261
Class:	Design Error
CVE:
Remote:	Yes
Local:	Yes
Published:	May 25 2000 12:00AM
Updated:	May 25 2000 12:00AM
Credit:	Discovered by David Litchfield <[email protected]> and publicized in a Microsoft Security Bulletin (MS00-036).
Vulnerable:	Microsoft Windows NT 4.0 alpha Microsoft Windows NT 4.0 + Microsoft Windows NT Enterprise Server 4.0 + Microsoft Windows NT Enterprise Server 4.0 + Microsoft Windows NT Server 4.0 + Microsoft Windows NT Server 4.0 + Microsoft Windows NT Terminal Server 4.0 + Microsoft Windows NT Terminal Server 4.0 + Microsoft Windows NT Workstation 4.0 + Microsoft Windows NT Workstation 4.0
Not Vulnerable:	Microsoft Windows 2000 Professional

Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

Microsoft Windows NT 4.0's implementation of the Computer Browser protocol does not control the amount of entries the Master Browser will allow to be added to the browse list. Therefore, a malicious user may send a significant amount of false HostAnnouncement frames to the Master Browser. This may flood the Master Browser with false HostAnnouncement requests which would either cause a denial of service in both the Master Browser and any client performing a network browse or at the least consume a considerable amount of network bandwidth.

Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

Solution:
Microsoft has released the following patches which rectify this issue:

Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

References:

• Frequently Asked Questions: Microsoft Security Bulletin (MS00-036) (Microsoft)
  
• Q263307: Excessive Browser Announcements May Force Computer Shutdown (Microsoft)