PT-2005-1167 · Microsoft · Windows NT 4.0 (+3)

Credit: Derek Soeder (+1)
Published: 2005-02-08 · Updated: 2019-04-30
Identifier: CVE-2005-0045
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Windows NT 4.0
Windows 2000
Windows XP
Windows Server 2003
Description
The issue arises from improper validation of certain SMB packets in the Server Message Block implementation. A remote attacker can execute arbitrary code via Transaction responses containing Trans or Trans2 commands; specifically, the flaw can be triggered with Trans2 FIND_FIRST2 responses carrying large file name length fields, which the receiving implementation does not bounds-check before use.
Recommendations
Windows NT 4.0: consider disabling SMB services until a fix is available.
Windows 2000: restrict access to the Trans and Trans2 commands to minimize the risk of exploitation.
Windows XP: avoid using the Trans2 FIND_FIRST2 response with large file name length fields in SMB packets until the issue is resolved.
Windows Server 2003: as a temporary workaround, consider limiting the file name length fields in Trans2 responses to prevent arbitrary code execution.


Related Identifiers
CVE-2005-0045

Affected Products
Windows 2000
Windows NT 4.0
Windows Server 2003
Windows XP