Check or Attack Name: nt3.51Vuln

Windows NT 3.51 prior to Service Pack 3 is vulnerable to the Samba cd.. bug.

If a Samba client attaches to a file system share on a Windows NT 3.5 or 3.51 machine and executes a cd .. command from the root directory of the share, it causes a kernel exception. Depending on the configuration of the machine, it may automatically reboot or require manual intervention. If a Windows 95 share is accessed, this bug allows anyone to gain access to the entire hard drive.

Upgrade to Windows NT 4.0 and apply the latest Windows NT 4.0 Service Pack. To apply the latest Windows NT Service Pack, follow these steps:

1. Open a web browser.
2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks and follow the directions to download the appropriate service pack for your computer.
3. Find the installation program you downloaded to your computer.
4. Double-click the program icon to start the installation.
5. Follow the installation directions.

If it is not possible to upgrade to Windows 4.0, apply the latest Windows NT 3.51 Service Pack available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT351/ussp5/.

Microsoft Knowledge Base Article Q140818, STOP Message: After "DIR ..\" is Issued from a Samba Client, http://support.microsoft.com/support/kb/articles/q140/8/18.asp