Bugtraq mailing list archives
Re: Microsoft's Network Monitor - Buffer Overrun / Page Fault / V
From: Oliver_Friedrichs () NAI COM (Friedrichs, Oliver)
Date: Tue, 15 Dec 1998 14:51:09 -0800
There is a problem with both the SMS version of Network Monitor and the version on the NT Server 4 CD-ROM whereby if it "sniffs" a NetBIOS session request from a machine where the NetBIOS Scope ID is 190 or more characters when the capture is stopped and the results are viewed the Network Monitor process (netmon.exe) experiences a memory problem.
I found this awhile ago as well. The same type of overflow also occurs virtually anytime it decodes a NetBIOS name larger than 15 characters. What scares me more are network based ID systems which may do something similar when decoding packets. - Oliver Network Associates, Inc.
Current thread:
- Re: Microsoft's Network Monitor - Buffer Overrun / Page Fault / V Friedrichs, Oliver (Dec 15)