10
CVSSv2

CVE-2009-2532

CVSSv4: NA | CVSSv3: NA | CVSSv2: 10 | VMScore: 1000 | EPSS: 0.50149 | KEV: Not Included
Published: 14/10/2009 Updated: 21/11/2024

Vulnerability Summary

Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote malicious users to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "SMBv2 Command Value Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008

microsoft windows server 2008 -

microsoft windows vista

microsoft windows vista -

Exploits

# EDB-Note: Source ~ rawgithubusercontentcom/ohnozzy/Exploit/master/MS09_050py #!/usr/bin/python #This module depends on the linux command line program smbclient #I can't find a python smb library for smb login If you can find one, you can replace that part of the code with the smb login function in python #The idea is that after th ...
Microsoft SRV2SYS SMB Negotiate ProcessID Function Table Dereference --------------------------------------------------------------------- Exploited by Piotr Bania // wwwpiotrbaniacom Exploit for Vista SP2/SP1 only, should be reliable! Tested on: Vista sp2 (60600218005) Vista sp1 ultimate (60600118000) Kudos for: Stephen, HDM, Laurent G ...