7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.559 Medium
EPSS
Percentile
97.7%
Microsoft Server Message Block (SMB) is vulnerable to a buffer handling flaw when processing incoming SMB packets that may lead to remote code execution.
Server Message Block is a protocol which allows sharing of files, printers, serial ports, and other abstractions. The SMB protocol is supported on many platforms and architectures, including many Microsoft products.
The Microsoft Server Message Block implementation contains a flaw in incoming SMB packet validation that may result in a buffer receiving inappropriate data. An attacker may send a specially-crafted packet to the vulnerable host and be able to execute arbitrary code on the host after exploiting the incoming packet processing flaw.
A remote unauthenticated attacker with the ability to send specially-crafted SMB packets to a vulnerable host may be able to execute arbitrary code on that system. The attacker-supplied code would be run in the context of Local System, resulting in a complete compromise of the system.
Apply An Update
Please see Microsoft Security Bulletin MS05-027 for more information, such as workarounds and patches.
Utilize Workarounds
Microsoft recommends the following workarounds in Microsoft Security Bulletin MS05-027:
Block TCP ports 139 and 445. This will disallow attackers the ability to contact the vulnerable SMB service on the affected host(s).
Use a firewall to block unsolicited or malicious traffic.
Use IPsec to protect network communications between hosts.
489397
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: June 14, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Microsoft Security Bulletin MS05-027 for more information, such as workarounds and patches.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23489397 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Microsoft for providing information on this issue, who in turn thank Qualys for reporting the vulnerability.
This document was written by Ken MacInnis.
CVE IDs: | CVE-2005-1206 |
---|---|
Severity Metric: | 33.08 Date Public: |