Microsoft Windows Computer Browser Reset Vulnerability

By default, the CIFS browser protocol is publicly available and delivered on the network through UDP port 138. CIFS browser protocol defines a set of browser frames which is decoded by Network Monitor and generated by the "browstat.exe" utility. Due to the implementation within windows there is no capability to configure a browser to ignore ResetBrowser frames. While the CIFS browser protocol is unauthenticated the service is vulnerable to a remote shutdown of the host and user browser service, making it almost impossible for users to locate services and other computers on a network.


 

Privacy Statement
Copyright 2010, SecurityFocus