Microsoft Windows SMBv2协商远程代码执行漏洞(MS09-050)

Bugraq ID: 36299 CVE ID：CVE-2009-3103 Microsoft windows是一款流行的操作系统。 Microsoft windows SMB2是新版windows捆绑的SMB协议实现，SRV2.SYS驱动不正确处理发送给NEGOTIATE PROTOCOL REQUEST功能的畸形SMB头字段数据，NEGOTIATE PROTOCOL REQUEST是客户端发送给SMB服务器的第一个SMB查询，用于识别SMB语言并用于之后的通信。 远程攻击者可以构建Process Id...

Microsoft Windows (including Windows 7) SMB2 array index overflow

Crash on SMB2 protocol NEGOTIATE PROTOCOL REQUEST SMB request parsing...

Out-of-bounds

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service system crash via an & ampersand character in a Proces...

PT-2009-1117

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to a fixed version Description The issue is related to an array index error in the SMBv2 protocol implementation, allowing remote attackers to execute arbitrary code or cause a denial of service via a specially...