13 lines
No EOL
1 KiB
Text
13 lines
No EOL
1 KiB
Text
source: https://www.securityfocus.com/bid/5556/info
|
|
|
|
Microsoft Windows operating systems use the Server Message Block (SMB) protocol to support services such as file and printer sharing. A buffer overflow vulnerability has been reporting in the handling of some malformed SMB requests.
|
|
|
|
An attacker may send a malformed SMB request packet in order to exploit this condition. It has been reported possible to corrupt heap memory, leading to a crash of the underlying system.
|
|
|
|
It may prove possible to exploit this vulnerability to execute arbitrary code and gain local access to the vulnerable system. This possibility has not, however, been confirmed.
|
|
|
|
Reportedly, this vulnerability may be exploited both as an authenticated user, and with anonymous access to the service.
|
|
|
|
It has been reported, by "Fabio Pietrosanti \(naif\)" <naif@blackhats.it>, that disabling the NetBIOS Null Session will prevent exploitation of this vulnerablity.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21747.zip |