VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

JVNVU#135940 ( CVE-2009-3103 | VU#135940 )

Windows SMB version 2 に脆弱性

http://jvn.jp/cert/JVNVU135940/index.html

Microsoft Windows Vista および Server 2008 には、Server Message Block version 2 (SMBv2) メッセージの解析に起因する脆弱性が存在します。

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2009-09-11

Source Information Category:

Advisory, Alert

Last Updated:

2009-09-11

Affected Product Tags

cpe:/o:microsoft:windows_server_2008:::itanium (Microsoft Windows Server 2008 Itanium)

cpe:/o:microsoft:windows_server_2008:::x32 (Windows Server 2008 for 32-bit Systems)

cpe:/o:microsoft:windows_server_2008:::x64 (Windows Server 2008 for 64-bit Systems)

cpe:/o:microsoft:windows_vista (Microsoft Windows Vista)

cpe:/o:microsoft:windows_vista:::x64 (Microsoft Windows Vista x64)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

Common Vulnerabilities and Exposures (CVE) CVE-2009-3103

Array index error in the SMB2 protocol implementation in srv2.sys inMicrosoft Windows 7, Server 2008, and Vista Gold, SP1, and SP2 allowsremote attackers to cause a denial of service (system crash) via an &(ampersand) character in a Process ID High header field in a NEGOTIATEPROTOCOL REQUEST packet, which triggers an attempted dereference of anout-of-bounds memory location. NOTE: some of these details areobtained from third party information.

US-CERT Vulnerability Note VU#135940 Windows SMB version 2 vulnerability

Microsoft Windows Vista and Server 2008 do not correctly parse SMB version 2 messages.This vulnerability could allow an attacker to execute arbitrary code.

References