Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2017-0146

Published: 17/03/2017 Updated: 21/06/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 950
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft server_message_block 1.0

Exploits

Exploit DB: Microsoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## # Windows XP systems that are not part of a domain default to treating all # network logons as if they were Guest This prevents SMB relay attacks from # gaining administrative access to these systems This sett ...
Exploit DB: Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)
# Exploit Author: Juan Sacco <juansacco@kpncom> at KPN Red Team - wwwkpncom # Date and time of release: May, 9 2017 - 13:00PM # Found this and more exploits on my open source security project: wwwexploitpackcom # # MS17-010 - technetmicrosoftcom/en-us/library/security/ms17-010aspx # Tested on: Microsoft Wind ...
Exploit DB: Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## # auxiliary/scanner/smb/smb_ms_17_010 require 'msf/core' class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::SMB::Client include Msf::Exploit::Remote::SMB::Client::Authenticated inc ...
Exploit DB: DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::SMB::Client MAX_SHELLCODE_SIZE = 4096 def initialize(info = {}) super(update_info(info, 'N ...

Recent Articles

Johnny Hacker hauls out NSA-crafted Server Message Block exploits, revamps 'em
The Register • John Leyden • 31 Jan 2018

Yep, vulns of WannaCry infamy. Why haven't you patched yet?

Hackers* have improved the reliability and potency of Server Message Block (SMB) exploits used to carry out the hard-hitting NotPetya ransomware attack last year. EternalBlue, EternalSynergy, EternalRomance and EternalChampion formed part of the arsenal of NSA-developed hacking tools that were leaked by the Shadow Brokers group before they were used (in part) to mount the devastating NotPetya cyber attack. The exploits – linked to the CVE-2017-0143 and CVE-2017-0146 Microsoft vulnerabilitie...

Read more...
WannaCrypt ransomware snatches NSA exploit, fscks over Telefónica, other orgs in Spain
The Register • John Leyden • 12 May 2017

EternalBlue now an eternal headache

Updated Workers at Telefónica's Madrid headquarters were left staring at their screen on Friday following a ransomware outbreak. Telefónica was one of several victims of a widespread file-encrypting ransomware outbreak, El Pais reports. Telefónica has confirmed the epidemic on its intranet while downplaying its seriousness, saying everything was under control. Fixed and mobile telephony services provided by the firm have not been affected. Other Spanish targets of the attack reportedly includ...

Read more...

References

CWE-20https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0146http://www.securityfocus.com/bid/96707http://www.securitytracker.com/id/1037991https://www.exploit-db.com/exploits/41987/https://www.exploit-db.com/exploits/41891/https://www.exploit-db.com/exploits/43970/https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdfhttp://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.htmlhttp://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://www.theregister.co.uk/2018/01/31/wannacry_smb_exploit_beefed_up/https://www.exploit-db.com/exploits/43970/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook