Microsoft Windows SMB_PACKET Remote Kernel Denial-of-Service Vulnerability

Type: Logic error
Impact of exploitation: Denial of Service
User Interaction: No user interaction is needed
Attack Vector: Malicious remote network traffic
Rating: Medium
CVE reference: CVE-2009-3676
Vendor Status: Responded, not patched
Vulnerable systems: Windows 7, Windows 7 x64, Windows 2008 R2

Summary

A vulnerability in Microsoft Windows (Windows 7 / 2008 R2) may allow for remote denial-of-service attacks.

Description

A vulnerability in Microsoft Windows (Windows 7 / 2008 R2) may allow for remote denial-of-service attacks. The kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains a NetBIOS header with an incorrect length value.
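
The length check a network monitor could apply to the condition described above, as an added example (not McAfee's signature or Microsoft's code). It assumes direct-hosted SMB on TCP 445, where each message is preceded by a zero byte and a 24-bit big-endian length; `audit_stream`, `_sample` and the verdict names are hypothetical, and the sample frames are constructed.

```python
# Added example. Assumes direct-hosted SMB (TCP 445): every message is
# preceded by a 4-byte header = one zero byte + 24-bit big-endian length.
# Fixed header sizes: SMBv1 = 32 bytes, SMBv2 = 64 bytes.
MIN_HEADER = {b"\xffSMB": 32, b"\xfeSMB": 64}

def audit_stream(stream: bytes):
    """Walk a complete, reassembled server-to-client byte stream and return
    one (offset, declared_length, verdict) tuple per frame examined.
    Stops at the first anomaly, because framing is unreliable after it."""
    findings, off = [], 0
    while off < len(stream):
        hdr = stream[off:off + 4]
        if len(hdr) < 4 or hdr[0] != 0:
            findings.append((off, None, "bad-transport-header"))
            break
        declared = int.from_bytes(hdr[1:4], "big")
        magic = stream[off + 4:off + 8]
        remaining = len(stream) - (off + 4)
        if magic not in MIN_HEADER:
            verdict = "not-smb"  # also hit when an earlier length was too short
        elif declared < MIN_HEADER[magic]:
            verdict = "length-too-small"  # cannot hold the fixed SMB header
        elif declared > remaining:
            verdict = "length-exceeds-data"  # claims more bytes than were sent
        else:
            verdict = "ok"
        findings.append((off, declared, verdict))
        if verdict != "ok":
            break
        off += 4 + declared
    return findings

def _sample(magic: bytes, body_len: int, declared=None) -> bytes:
    """Constructed test frame: SMB magic padded with zero bytes (not real traffic)."""
    n = body_len if declared is None else declared
    return b"\x00" + n.to_bytes(3, "big") + magic + b"\x00" * (body_len - 4)

if __name__ == "__main__":
    clean = _sample(b"\xfeSMB", 64) + _sample(b"\xffSMB", 40)
    for name, data in [("clean", clean),
                       ("overlong", _sample(b"\xfeSMB", 64, declared=200)),
                       ("short", _sample(b"\xffSMB", 40, declared=8))]:
        print(name, audit_stream(data))
```

The `length-exceeds-data` verdict is only meaningful once the connection has closed or the capture is known to be complete.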

McAfee Product Mitigation & Recommendations

Recommendations

McAfee is unaware of a vendor-supplied patch or update at this time (11/13/2009).

McAfee Product Mitigation

McAfee Foundstone
Signature: Microsoft Windows SMB_PACKET Remote Kernel Denial-of-Service Vulnerability
Signature identifier: 7342
Release date: 11/13/2009

Additional Resources

Windows 7 / Server 2008R2 Remote Kernel Crash

http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html

Microsoft Windows SMB Client Remote Denial of Service Vulnerability

http://www.vupen.com/english/advisories/2009/3216

Microsoft Security Advisory (977544) Vulnerabilities in SMB Could Allow Denial of Service

http://www.microsoft.com/technet/security/advisory/977544.mspx

Timeline

11/13/2009: Vendor has provided information on the vulnerability.
11/11/2009: Vulnerability information has been publicly disclosed.
11/11/2009: A proof of concept has been released.
