Windows SMB2 buffer overflow

2010-09-20T00:00:00
ID SAINT:1E9A2A7C6228790D4846596C8DA04D49
Type saint
Reporter SAINT Corporation
Modified 2010-09-20T00:00:00

Description

Added: 09/20/2010
CVE: CVE-2009-3103
BID: 36299
OSVDB: 57799

Background

SMB2 is the replacement protocol for the SMB Windows filesharing protocol.

Problem

A buffer overflow vulnerability in the SMB2 Service allows remote attackers to execute arbitrary commands.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 09-050.

References

<http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx>

Limitations

Exploit works on Windows Vista SP1 and SP2. Exploitation attempts while other SMB2 activity is taking place may cause target system to reboot.

Platforms

Windows Vista