(0day) Windows Vista/7 SMB2.0 Remote B.S.O.D PoC
SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it’s used to identify the SMB dialect that will be used for futher communication.
The vulnerability was discovered by Laurent Gaffié
Proof of Concept and background here
Related Articles
Exploitation |
|