(0day) Windows Vista/7 SMB2.0 Remote B.S.O.D PoC
SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it’s used to identify the SMB dialect that will be used for futher communication.
The vulnerability was discovered by Laurent GaffiÃ©
Proof of Concept and background here