7 matches found
EUVD-2007-3907
Malware in sbrugna...
Microsoft Windows SMB Tree Connect Response denial of service vulnerability
Overview Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service on a vulnerable system. Description Microsoft Windows fails to properly handle traffic from a malicious server. In particular...
Microsoft Confirms SMB2 Flaw, Heightens Severity
Microsoft has issued a formal security advisory to confirm the remote reboot flaw in its implementation of the SMB2 protocol, going a step further to warn that a successful attack could lead to remote code execution and full system takeover. The vulnerability, which was originally released as a...
Windows SMB version 2 vulnerability
Overview Microsoft Windows Vista and Server 2008 do not correctly parse SMB version 2 messages.This vulnerability could allow an attacker to execute arbitrary code. Description The Server Message Block version 2 SMBv2 protocol is the successor to the original SMB protocol. SMBv2 is available in...
smb-server-stats NSE Script
Attempts to grab the server's statistics over SMB and MSRPC, which uses TCP ports 445 or 139. An administrator account is required to pull these statistics on most versions of Windows, and Vista and above require UAC to be turned down. Some of the numbers returned here don't feel right to me, but...
Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability
Description Microsoft SMB is susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. Remote attackers may exploit this vulnerability to execut...
Buffer overflow in Windows 2000/NT SMB protocol
Malcrafted SMB quiery into port 139/445 causes server to crash...