Lucene search

K
saintSAINT CorporationSAINT:9D4369A8D6921FF2F218653A934F5F00
HistoryApr 26, 2017 - 12:00 a.m.

Windows SMBv1 Remote Command Execution

2017-04-2600:00:00
SAINT Corporation
download.saintcorporation.com
67

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.973

Percentile

99.9%

Added: 04/26/2017
CVE: CVE-2017-0143
BID: 96703

Background

Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions.

Problem

A vulnerability in the handling of certain SMBv1 requests could allow a remote attacker to execute arbitrary commands.

Resolution

Apply the patch referenced in MS17-010, or disable SMBv1.

References

<https://technet.microsoft.com/en-us/library/security/ms17-010.aspx&gt;

Limitations

Exploit works on Windows 7 and Windows Server 2008 R2.

If the exploit succeeds against a 32-bit target, the target reboots when the command connection is closed.

Platforms

Windows 7
Windows Server 2008 R2

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.973

Percentile

99.9%