Tuesday, September 16, 2008

Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS


It was released 2 days back, so, I tried to validate it with my setup. I am running Microsoft Vista with SP1 at the target. On execution from the metasploit framework it did 'nothing' on the service. I have yet to install the "kartoffel" to validate the analysis. 

According to the advisory released -
A condition exists with srv.sys and npfs.sys wherein a specially crafted WRITE ANDX SMB packet may cause a kernel Denial Of Service. 
I have already mailed about this to "Vallejo" and hope to get a reply soon. Here is a snaphot of the exploit in execution.

No comments: