SMB Exploited: WannaCry Use of EternalBlue

Server Message Block SMB is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services. SMB operates over TCP ports 139 and 445. In April 2017, Shadow Brokers released an SMB vulnerability named...

Microsoft Windows SMB NT Trans请求缓冲区溢出漏洞（MS09-001）

BUGTRAQ ID: 33121 CVECAN ID: CVE-2008-4834 Windows是微软发布的非常流行的操作系统。 Microsoft服务器消息块（SMB）协议软件处理特制SMB数据包的方式存在缓冲区溢出漏洞，未经认证的远程攻击者可以在NT Trans请求中指定畸形的值导致内核忙碌，必须重启系统才能恢复操作。利用此漏洞的大多数尝试会导致系统拒绝服务，但是远程执行代码在理论上是可行的。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft...

Remote code execution

Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Cod...

Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Microsoft Windows; remote code execution is also theoretically possible. User interaction is not required to exploit this vulnerability. The specific flaw exists in the processing of...

ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability

ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-001 January 13, 2009 -- CVE ID: CVE-2008-4834 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows XP Microsoft Windows 2000 SP4 Microsoft...