Microsoft Windows SMB Pool Overflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Microsoft Server Message Block SMB protocol software. A remote attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service...

kernel: cifs: Fix a kernel BUG with remote OS/2 server

fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service panic via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite...

DEBIAN-CVE-2010-2063

Buffer overflow in the SMB1 packet chaining implementation in the chainreply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a crafted field in a packet...

DEBIAN-CVE-2010-2285

The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service NULL pointer dereference via unknown vectors...

DEBIAN-CVE-2010-2283

The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service NULL pointer dereference via unknown vectors...

PT-2010-2237 · Microsoft · Windows Vista +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server 2003 SP2 Microsoft Windows Vista Gold, SP1, and SP2 Microsoft Windows Server 2008 Gold and SP2 Description: The issue allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a deni...

PT-2010-2066 · Microsoft · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2 Description: The issue arises from the imprope...

Update Protection against Microsoft SMB Client Transaction Memory Corruption Vulnerability (MS10-020)

A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block SMB client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control ...

PT-2010-2032 · Microsoft · Windows Server 2003 +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2 Description: The issue is related to the SMB...

PT-2010-1842 · Microsoft · Windows Vista +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server 2008 R2 versions prior to the fixed version Microsoft Windows 7 versions prior to the fixed version Microsoft Windows Vista versions prior to the fixed version Microsoft Windows Server 2008 versions prior to the fixed...

PT-2010-1845 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper validation of request fields in the SMB implementation, allowing remote authenticated users to execute arbitrary code via a malformed reques...

PT-2010-1846 · Microsoft · Windows 7 +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold, SP2, and R2 Microsoft Windows 7 affected versions not specified Description: A denial of service issue exists due to multiple race conditions in...

Microsoft Windows SMB NTLM Authentication Unauthorized Access Vulnerability

Description Microsoft Windows is prone to an unauthorized access vulnerability that affects the Microsoft Server Message Block SMB protocol software. An unauthenticated attacker can exploit this issue to gain access to resources with the privileges of an authorized user, which may lead to other...

Microsoft Windows SMB Null Pointer Remote Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability that affects the Microsoft Server Message Block SMB protocol software. An attacker can exploit this issue to crash the system, denying service to legitimate users. Technologies Affected Microsoft Windows 2000...

DEBIAN-CVE-2009-4377

The 1 SMB and 2 SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service crash via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap...

PT-2009-1116 · Microsoft · Smb +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to the improper processing of the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code...

Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability when processing the protocol headers for the Server Message Block SMB Negotiate Protocol Request. NOTE: Reportedly, for this issue to be exploitable, file sharing must be enabled. An attacker can exploit this issue to execute cod...

New Remote Flaw Found in SMB2 in Windows Vista and Windows 7

Researchers have found a new vulnerability in the SMB2 protocol in Windows Vista and Windows 7 that enables an attacker to remotely crash vulnerable machines. There is proof-of-concept exploit available for the vulnerability, as well. There is no patch available for the vulnerability, which affec...

PT-2009-1255 · Microsoft · Windows Server 2008 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through 2000 SP4, XP SP2 through XP SP3, Server 2003 SP1 through Server 2003 SP2, Vista Gold through Vista SP1, and Server 2008 Description: The issue allows remote attackers to execute arbitrary code via...

PT-2009-1254 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A buffer overflow issue exists in the Server service, allowing remote attackers to potentially execute arbitrary code via malformed values of fields inside the SMB packets in ...