Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS11-020.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code on the system. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS11-020

Insight

The flaw is due to improper validation of field in SMB request, which allows remote attackers to execute arbitrary code on the system by sending a malformed SMB request.

Affected

Microsoft Windows 7 SP1 and prior Microsoft Windows 2008 SP2 and prior Microsoft Windows Vista SP2 and prior Microsoft Windows 2008 R2 SP1 and prior Microsoft Windows XP Service Pack 3 and prior Microsoft Windows 2003 Service Pack 2 and prior

References

http://osvdb.org/71781
http://secunia.com/advisories/44072/
http://technet.microsoft.com/en-us/security/bulletin/ms11-020
http://www.securitytracker.com/id?1025329
http://www.us-cert.gov/cas/techalerts/TA11-102A.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0661

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Bluetooth Stack Could Allow Remote Code Execution Vulnerability (951376)
Microsoft Groove Remote Code Execution Vulnerability (2494047)
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
Cumulative Security Update for Internet Explorer (972260)

Take action and discover your vulnerabilities