SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Server Message Block Vendors:   Microsoft
Windows SMB Server Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1025329
SecurityTracker URL:  http://securitytracker.com/id/1025329
CVE Reference:   CVE-2011-0661   (Links to External Site)
Date:  Apr 12 2011
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1; and prior service packs
Description:   A vulnerability was reported in Windows Server Message Block (SMB) Server. A remote user can execute arbitrary code on the target system.

A remote user can send a specially crafted SMB request to execute arbitrary code on the target system. The code will run with the privileges of the target service.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=CCB08A8A-F4D9-4320-8FFB-3FD4FE217987

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=7EE202DA-A711-42EE-BEA3-7202A70E4EA0

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=64C550D4-C927-4382-91E1-473ED6790819

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=EF62DB94-4F72-4245-AC9F-6391035E2516

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=79AEB3CD-7C73-467B-B91E-02C6EA01E911

Windows Vista Service Pack 1 and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=D6EDDFF4-A242-4DEC-9D84-72891DB2B754

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=2878C587-6544-40B4-9288-FC3B3CE1128D

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=31C48BA9-7774-4633-862D-5C27C3703584

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=DE843115-CF98-4511-AA93-F620E4572555

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=B89B8E28-CD98-4BCC-8729-5E51D52D1E92

Windows 7 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=D3EF905B-3584-4842-9EC2-CF3856305D49

Windows 7 for 32-bit Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=D3EF905B-3584-4842-9EC2-CF3856305D49

Windows 7 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=7DDC943B-6868-4E8F-A869-89B47133C287

Windows 7 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=7DDC943B-6868-4E8F-A869-89B47133C287

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=C4352802-9C5A-4C07-8303-3A4B78D3F954

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=C4352802-9C5A-4C07-8303-3A4B78D3F954

Windows Server 2008 R2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=0005377B-443F-44CA-A890-620B2DCEA6F1

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=0005377B-443F-44CA-A890-620B2DCEA6F1

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms11-020.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms11-020.mspx (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC