|
| Description: | | Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." |
|
| Impact: | | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. |
|
| Affected OS: | | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others |
|
| Reference: | | ExploitDB:9594
MicrosoftSecurityBulletin:975497
SecurityFocusBID:36299
MicrosoftSecurityBulletin:ms09-050
|
|