EvilFingers: Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS

Tuesday, September 16, 2008

Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS

In reference to: http://www.vallejo.cc/proyectos/vista_SMB_write_DoS.htm

It was released 2 days back, so, I tried to validate it with my setup. I am running Microsoft Vista with SP1 at the target. On execution from the metasploit framework it did 'nothing' on the service. I have yet to install the "kartoffel" to validate the analysis.

According to the advisory released -

A condition exists with srv.sys and npfs.sys wherein a specially crafted WRITE ANDX SMB packet may cause a kernel Denial Of Service.

I have already mailed about this to "Vallejo" and hope to get a reply soon. Here is a snaphot of the exploit in execution.

No comments:

Post a Comment

About Us

Evilfingers is a collection of individuals devoted to raising the bar in the field of information security. Evilfingers blog is offered to the greater information security community to help our colleagues analyze threats and to find solutions.

RootkitAnalytics is a web portal to educate and protect our users from the current day rootkits around the world. Check out our Tweets to stay posted on what's happening at our end.

ISJobs is our InfoSec job portal/blog, where we list the new job openings to help our community. Help yourself to find a job by vising our blogs regularly.

Tuesday, September 16, 2008

Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS

No comments:

About Us

FireEye Malware Intelligence Lab

S!Ri.URZ - Crimeware Blog

M86 Security TRACE News

Search This Blog

Blog Archive

Our Followers

Books we like...

Technology Partners - Malware Intelligence

Bugspy.net - Our New Technology Partner

BugSpy.net - Exploitable bugs detector