Remote Code Execution in Windows SMB Client Message Size Vulnerability
In Microsoft Windows Server 2008 R2 and Windows 7, there's a problem with the SMB client. It doesn't correctly deal with SMBv1 and SMBv2 response packets. Because of this, remote SMB servers and attackers in the middle can run any code they want. They do this by sending a special packet. This packet makes the client read all the response and then interact wrongly with the Winsock Kernel (WSK). This issue is known as the "SMB Client Message Size Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 7 |
||
microsoft windows 7 - |
||
microsoft windows server 2008 |