Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2017-0148

Published: 17/03/2017 Updated: 21/06/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft server_message_block 1.0

Exploits

Exploit DB: Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## # auxiliary/scanner/smb/smb_ms_17_010 require 'msf/core' class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::SMB::Client include Msf::Exploit::Remote::SMB::Client::Authenticated inc ...
Exploit DB: DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::SMB::Client MAX_SHELLCODE_SIZE = 4096 def initialize(info = {}) super(update_info(info, 'N ...
Exploit DB: Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)
# Exploit Author: Juan Sacco <juansacco@kpncom> at KPN Red Team - wwwkpncom # Date and time of release: May, 9 2017 - 13:00PM # Found this and more exploits on my open source security project: wwwexploitpackcom # # MS17-010 - technetmicrosoftcom/en-us/library/security/ms17-010aspx # Tested on: Microsoft Wind ...

Github Repositories

https://github.com/maragard/genestealer

A worm pwning Linux and Windows machines

GENESTEALER A worm exploiting CVE-2014-6271/6278 (Shellshock) & CVE-2017-0148 (EternalBlue) Developed by Marcus Agard & Robert T Unnold Link to presentation DISCLAIMER: This code was developed for research purposes As stated in our license's section 4 subsection b, no warranties or declarations of fitness for purpose are implied Please use it responsibly

Recent Articles

WannaCrypt ransomware snatches NSA exploit, fscks over Telefónica, other orgs in Spain
The Register • John Leyden • 12 May 2017

EternalBlue now an eternal headache

Updated Workers at Telefónica's Madrid headquarters were left staring at their screen on Friday following a ransomware outbreak. Telefónica was one of several victims of a widespread file-encrypting ransomware outbreak, El Pais reports. Telefónica has confirmed the epidemic on its intranet while downplaying its seriousness, saying everything was under control. Fixed and mobile telephony services provided by the firm have not been affected. Other Spanish targets of the attack reportedly includ...

Read more...

References

CWE-20https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148http://www.securityfocus.com/bid/96706http://www.securitytracker.com/id/1037991https://www.exploit-db.com/exploits/41987/https://www.exploit-db.com/exploits/41891/https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdfhttp://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.htmlhttp://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://github.com/maragard/genestealerhttps://www.theregister.co.uk/2017/05/12/spain_ransomware_outbreak/https://www.exploit-db.com/exploits/41891/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook