Oval Definition: oval:org.mitre.oval:def:6489
Revision Date: 2014-08-18
Version: 22
Title: SMBv2 Negotiation Vulnerability
Description: Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
Family: windows
Class: vulnerability
Status: ACCEPTED
Reference(s): CVE-2009-3103
Platform(s): Microsoft Windows Server 2008, Microsoft Windows Vista
Product(s): SMBv2
Definition Synopsis
  • Windows Vista x86/x64
    • Vista x86/x64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6000.16000
    • AND the version of srv2.sys is less than 6.0.6000.16927
  • OR Windows Vista x86/x64
    • Vista x86/x64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6000.20000
    • AND the version of srv2.sys is less than 6.0.6000.21127
  • OR Windows Vista x86/x64, Windows Server 2008 x86/x64/ia64
    • Vista x86/x64/Server 2008 x86/x64/ia64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
      • OR Microsoft Windows Server 2008 (32-bit) is installed
      • OR Microsoft Windows Server 2008 (64-bit) is installed
      • OR Microsoft Windows Server 2008 (ia-64) is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6001.18000
    • AND the version of srv2.sys is less than 6.0.6001.18331
  • OR Windows Vista x86/x64, Windows Server 2008 x86/x64/ia64
    • Vista x86/x64/Server 2008 x86/x64/ia64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
      • OR Microsoft Windows Server 2008 (32-bit) is installed
      • OR Microsoft Windows Server 2008 (64-bit) is installed
      • OR Microsoft Windows Server 2008 (ia-64) is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6001.22000
    • AND the version of srv2.sys is less than 6.0.6001.22522
  • OR Windows Vista x86/x64, Windows Server 2008 x86/x64/ia64
    • Vista x86/x64, Server 2008 x86/x64/ia64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
      • OR Microsoft Windows Server 2008 (32-bit) is installed
      • OR Microsoft Windows Server 2008 (64-bit) is installed
      • OR Microsoft Windows Server 2008 (ia-64) is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6002.18000
    • AND the version of srv2.sys is less than 6.0.6002.18112
  • OR Windows Vista x86/x64, Windows Server 2008 x86/x64/ia64
    • Vista x86/x64, Server 2008 x86/x64/ia64
      • Microsoft Windows Vista (32-bit) is installed
      • OR Microsoft Windows Vista x64 Edition is installed
      • OR Microsoft Windows Server 2008 (32-bit) is installed
      • OR Microsoft Windows Server 2008 (64-bit) is installed
      • OR Microsoft Windows Server 2008 (ia-64) is installed
    • AND the version of srv2.sys is greater than or equal to 6.0.6002.22000
    • AND the version of srv2.sys is less than 6.0.6002.22225