Fix for SMB DOS attack posted

From: Paul Leach (paulleat_private)
Date: Fri Feb 13 1998 - 16:49:14 PST


    A hot-fix for a DOS attack on NT file servers that had not been previously
    publicly known has been posted. The following is the KB article on the
    fix.
    
    DOCUMENT: Q180963
    TITLE   :Denial of Service Attack Causes Windows NT Systems to Reboot
    PRODUCT :Microsoft Windows NT
    PROD/VER:4.00
    OPER/SYS:WINDOWS
    KEYWORDS:kbbug4.00 kbfix4.00 NTSrv ntstop
    
    --------------------------------------------------------------------------
    The information in this article applies to:
    
     - Microsoft Windows NT Server version 4.0
    --------------------------------------------------------------------------
    
    SYMPTOMS
    ========
    
    During the processing of a Server Message Block (SMB) logon request, memory
    corruption occurs causing one of the following errors:
    
       STOP 0x0000000A
       STOP 0x00000050
    
    The result is a system reboot or system hang.
    
    Note: The Stop errors will vary from case to case.
    
    
    CAUSE
    =====
    
    The size of data to follow is contained in the SMB logon request. When the
    size specified in the request does not match the size actually present,
    corruption occurs.
    
    RESOLUTION
    ==========
    
    To resolve this problem, obtain the following fix or wait for the next
    Windows NT 4.0 service pack.
    
    This fix should have the following time stamp:
    
       01/07/98  07:59p               229,840 Srv.sys (Intel)
    
       01/07/98  07:56p               466,384 Srv.sys (Alpha)
    
    This hotfix has been posted to the following Internet location:
    
       ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/
       hotfixes-postSP3/srv-fix
    
    NOTE: The above link is one path; it has been wrapped for readability.
    
    STATUS
    ======
    
    Microsoft has confirmed this to be a problem in Windows NT version 4.0.
    A supported fix is now available, but has not been fully regression-tested
    and should be applied only to systems experiencing this specific problem.
    Unless you are severely impacted by this specific problem, Microsoft
    recommends that you wait for the next Service Pack that contains this fix.
    Contact Microsoft Technical Support for more information.
    
    Additional query words: 4.00 ntstop
    ============================================================================
    
    THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
    PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.  MICROSOFT DISCLAIMS
    ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES
    OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  IN NO
    EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR
    ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
    CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
    MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGES.  SOME STATES DO NOT ALLOW THE EXCLUSION
    OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
    SO THE FOREGOING LIMITATION MAY NOT APPLY.
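
The length check implied by the CAUSE section above, as an added example seen from the defensive side. It is not Microsoft's code and not part of the original message. The two-byte length prefix, the function name and the status codes are assumptions chosen for illustration and do not reproduce the real SMB logon request layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified record (NOT the real SMB wire layout):
 *   bytes 0-1 : declared length of the data to follow (little-endian)
 *   bytes 2.. : the data itself
 */
enum parse_status { PARSE_OK = 0, PARSE_TRUNCATED, PARSE_LENGTH_MISMATCH, PARSE_TOO_LARGE };

#define HDR_LEN 2u

/* Copy the payload only when the declared size equals the bytes actually
 * received and also fits the destination buffer. */
enum parse_status parse_logon_record(const uint8_t *msg, size_t msg_len,
                                     uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (msg_len < HDR_LEN)
        return PARSE_TRUNCATED;            /* not even a complete length field */

    size_t declared = (size_t)msg[0] | ((size_t)msg[1] << 8);
    size_t present  = msg_len - HDR_LEN;   /* bytes that really arrived */

    if (declared != present)
        return PARSE_LENGTH_MISMATCH;      /* never trust the sender's size */
    if (declared > out_cap)
        return PARSE_TOO_LARGE;            /* would overrun the destination */

    memcpy(out, msg + HDR_LEN, declared);
    *out_len = declared;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample inputs, not captured traffic. */
    const uint8_t ok[]    = { 0x03, 0x00, 'a', 'b', 'c' };  /* says 3, has 3   */
    const uint8_t lying[] = { 0xFF, 0x00, 'a', 'b', 'c' };  /* says 255, has 3 */
    uint8_t out[8]; size_t n = 0;
    printf("consistent record: %d\n", (int)parse_logon_record(ok, sizeof ok, out, sizeof out, &n));
    printf("mismatched record: %d\n", (int)parse_logon_record(lying, sizeof lying, out, sizeof out, &n));
    return 0;
}
```

A parser that instead copied `declared` bytes without comparing it to `present` would read or write past the received data, which is the kind of mismatch the article names as the cause of the corruption.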
    


