Microsoft Windows NT 4.0 HostAnnouncement DoS Vulnerability

Microsoft Windows NT 4.0's implementation of the Computer Browser protocol does not control the amount of entries the Master Browser will allow to be added to the browse list. Therefore, a malicious user may send a significant amount of false HostAnnouncement frames to the Master Browser. This may flood the Master Browser with false HostAnnouncement requests which would either cause a denial of service in both the Master Browser and any client performing a network browse or at the least consume a considerable amount of network bandwidth.


 

Privacy Statement
Copyright 2010, SecurityFocus