SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Server Message Block Vendors:   Microsoft
Windows Server Message Block Validation Errors Let Remote Users Deny Service and Execute Arbitrary Code
SecurityTracker Alert ID:  1023004
SecurityTracker URL:  http://securitytracker.com/id/1023004
CVE Reference:   CVE-2009-2526, CVE-2009-2532   (Links to External Site)
Date:  Oct 13 2009
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2008 SP2, Vista SP2
Description:   Two vulnerabilities were reported in Windows Server Message Block. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

A remote user can send specially crafted SMB Multi-Protocol Negotiate Request packets to trigger a data validation error and execute arbitrary code on the target system [CVE-2009-2532]. The code will run with the privileges of the target service.

Matthieu Suiche of the Netherlands Forensics Institute reported this vulnerability.

A remote user can send a specially crafted SMB v2 packet to cause the target service to enter an infinite loop [CVE-2009-2526]. The system must be manually restarted to return to normal operations.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can cause the target service to hang.

Solution:   The vendor has issued the following fixes:

Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=29842c0c-8930-4b5f-83c6-1a718974b63f

Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=62ed5d0a-5ca6-4942-80c9-7808b14cb6b5

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=ff6bfcf3-76c9-4c45-b57d-22f94458dd6e

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=aff6f9c7-4a72-48f2-b750-204d796c7daa

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=7b70108b-7f59-4898-ab4e-76be990de878

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-050.mspx (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC