Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в SMB-сервере Microsoft Windows
Опубликовано:10 февраля 2010 г.
Источник:
SecurityVulns ID:10609
Тип:удаленная
Уровень опасности:
7/10
Описание:Повреждения памяти, переполнения буфера, DoS-условия, криптографические уязвимости.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-0231 (The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token, aka "SMB NTLM Authentication Lack of Entropy Vulnerability.")
 CVE-2010-0022 (The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate the share and servername fields in SMB packets, which allows remote attackers to cause a denial of service (system hang) via a crafted packet, aka "SMB Null Pointer Vulnerability.")
 CVE-2010-0021 (Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "SMB Memory Corruption Vulnerability.")
 CVE-2010-0020 (The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate request fields, which allows remote authenticated users to execute arbitrary code via a malformed request, aka "SMB Pathname Overflow Vulnerability.")
Оригинальный текстdocumentHernan Ochoa, [Full-disclosure] Windows SMB NTLM Authentication Weak Nonce Vulnerability (10.02.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-012 - Important Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) (10.02.2010)
Файлы:Microsoft Security Bulletin MS10-012 - Important Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород