Описание
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-3676
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186
- http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx
- http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html
- http://news.cnet.com/8301-27080_3-10395891-245.html
- http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008
- http://seclists.org/fulldisclosure/2009/Nov/134
- http://secunia.com/advisories/37347
- http://secunia.com/blog/66
- http://www.microsoft.com/technet/security/advisory/977544.mspx
- http://www.securitytracker.com/id?1023179
- http://www.us-cert.gov/cas/techalerts/TA10-103A.html
- http://www.vupen.com/english/advisories/2009/3216
EPSS
CVE ID
Связанные уязвимости
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."
EPSS