EUVD-2022-55839

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...

CVE-2022-50859 cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...

Microsoft Windows 10 (1903/1909) - SMBGhost SMB3.1.1 SMB2_COMPRESSION_CAPABILITIES Buffer Overflow

Microsoft Windows 10 1903/1909 - 'SMBGhost' SMB3.1.1 'SMB2COMPRESSIONCAPABILITIES' Buffer Overflow PoC CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This scrip...

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)

CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This script connects to the target host, and compresses the authentication request with a bad offset field set in t...

Microsoft Windows 10 (19031909) - SMBGhost SMB3.1.1 SMB2_COMPRESSION_CAPABILITIES Buffer Overflow (PoC)

Microsoft Windows 10 19031909 - SMBGhost SMB3.1.1 SMB2COMPRESSIONCAPABILITIES Buffer Overflow PoC CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This script...