Published: 10/02/2010 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle malicious users to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges, via a crafted SMB Negotiate response, aka "SMB Client Race Condition Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2008 r2
microsoft windows server 2008 -
microsoft windows vista
microsoft windows 7 -
microsoft windows server 2008
microsoft windows vista -

# More Info: g-laurentblogspotcom/2010/04/turning-smb-client-bug-to-server-sidehtml import sys,SocketServer,socket,threading,time,random from random import * from time import sleep from socket import * if len(sysargv)<=2: sysexit('Usage: pwnpy Your_ip Broadcast_ip\n\r Example: pwnpy 10001 1000255') ip = str(sysargv[1]) n ...

CWE-362 http://www.us-cert.gov/cas/techalerts/TA10-040A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8298 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-006 https://nvd.nist.gov https://www.exploit-db.com/exploits/12258/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0017

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect