Microsoft Windows SMB2 Negotiation Protocol Remote Code Execution Vulnerability Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS09-050.

Impact

An attacker can exploit this issue to execute code with SYSTEM-level privileges failed exploit attempts will likely cause denial-of-service conditions. Impact Level: System

Insight

Multiple vulnerabilities exists, - A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB version 2 (SMBv2) packets. - Unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets.

Affected

- Windows 7 RC - Windows Vista and - Windows 2008 Server

References

http://www.microsoft.com/technet/security/bulletin/MS09-050.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2526, CVE-2009-2532, CVE-2009-3103

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
Microsoft .NET Framework Open Data Protocol DOS Vulnerability (2769327)
Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
Microsoft DirectShow Remote Code Execution Vulnerability (977935)
Internet Explorer Vector Markup Language Remote Code Execution Vulnerability (2544521)

Take action and discover your vulnerabilities