-->
SecPod ID: 10229 Status: Public Report
Vulnerabilities in SMB Could Allow Remote Code Execution (958687) Severity: High
Release Date: 14-01-2009
CVSS Base Score: 7.1 (AV:N/AC:M/Au:NR/C:N/I:N/A:C)
CVSS Temporal Score = 5.6
Impact Level: System/Network
Affected Software/OS/Device:
- Microsoft Windows 2K Service Pack 4 and prior.
- Microsoft Windows XP Service Pack 3 and prior.
- Microsoft Windows 2003 Service Pack 2 and prior.
OpenVAS Plugin ID: 900069
Snort Signature ID:
OVAL ID:
Vulnerability Insight:
Overview:
Multiple vulnerabilities in Windows SMB could allow remote code execution.
Description:
The issue is due to the way Server Message Block (SMB) Protocol software
handles specially crafted SMB packets.
Impact:
Successful exploitation could allow remote unauthenticated attackers
to cause denying the service by sending a specially crafted network message
to a system running the server service.
CVSS Score Report:
ACCESS_VECTOR = NETWORK
ACCESS_COMPLEXITY = MEDIUM
AUTHENTICATION = NOT_REQUIRED
CONFIDENTIALITY_IMPACT = NONE
INTEGRITY_IMPACT = NONE
AVAILABILITY_IMPACT = COMPLETE
EXPLOITABILITY = UNPROVEN
REMEDIATION_LEVEL = OFFICIAL_FIX
REPORT_CONFIDENCE = CONFIRMED
CVSS Base Score = 7.1 (AV:N/AC:M/Au:NR/C:N/I:N/A:C)
CVSS Temporal Score = 5.6
Risk factor = High
Fix:
un Windows Update and update the listed hotfixes or download and
update mentioned hotfixes in the advisory from the below link,
http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
References:
http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx