-
September 8th, 2009, 01:53 PM
#1
SMB 0-day - Windows Vista / 2008 / 7
From ISC:
We have received a report from Tyler that a vulnerability affecting Microsoft SMB2 can be remotely crashed with proof-of-concept code that has been published yesterday and a Metasploit module is out.
We have confirmed it affects Windows 7/Vista/Server 2008. The exploit needs no authentication, only file sharing enabled with one 1 packet to create a BSOD. We recommend filtering access to port TCP 445 with a firewall.
and interestingly,
Windows 2000/XP are NOT affected by this exploit.
I haven't put ** ** for greater attention required, since SMB (445) should be filtered on the firewall.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
September 13th, 2009, 08:44 PM
#2
Awwww, you mentioned my name Although I like it better when they mention my last name as well.
Windows 7 RTM isn't actually affected, only Windows 7 RC is affected.
Also it looks like it's now being called remote code execution rather than just DoS.
-
September 13th, 2009, 11:18 PM
#3
Personally, I don't want my name on anything with the exceptions of what little assets and finacials I have. I would rather be a Max Headroom like figure on everyone's screens.
-
September 29th, 2009, 08:19 PM
#4
Remote code execution PoC has been released on metasploit
http://trac.metasploit.com/browser/f..._func_index.rb
silent play in the shadow of power...
Similar Threads
-
By Irongeek in forum The Security Tutorials Forum
Replies: 2
Last Post: September 12th, 2006, 06:17 AM
-
By Cider in forum Operating Systems
Replies: 10
Last Post: March 21st, 2006, 09:30 PM
-
By gore in forum Other Tutorials Forum
Replies: 6
Last Post: October 5th, 2004, 08:26 AM
-
By warl0ck7 in forum Microsoft Security Discussions
Replies: 7
Last Post: August 14th, 2003, 12:23 PM
-
By Remote_Access_ in forum Security Archives
Replies: 9
Last Post: January 12th, 2002, 03:02 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|