Windows SMB2 buffer overflow

Added: 09/20/2010
CVE: CVE-2009-3103
BID: 36299
OSVDB: 57799

Background

SMB2 is the replacement protocol for the SMB Windows filesharing protocol.

Problem

A buffer overflow vulnerability in the SMB2 Service allows remote attackers to execute arbitrary commands.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 09-050.

References

http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx

Limitations

Exploit works on Windows Vista SP1 and SP2. Exploitation attempts while other SMB2 activity is taking place may cause target system to reboot.

Platforms

Windows Vista

Back to exploit index