This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2017-03-16
Product Server Message Block Last view 2017-03-16
Version 1.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:server_message_block

Activity : Overall

Related : CVE

  Date Alert Description
8.1 2017-03-16 CVE-2017-0148

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

5.9 2017-03-16 CVE-2017-0147

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."

8.1 2017-03-16 CVE-2017-0146

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.

8.1 2017-03-16 CVE-2017-0145

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.

8.1 2017-03-16 CVE-2017-0144

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

8.1 2017-03-16 CVE-2017-0143

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

CWE : Common Weakness Enumeration

%idName
83% (5) CWE-20 Improper Input Validation
16% (1) CWE-200 Information Exposure

SAINT Exploits

Description Link
Windows SMB PsImpersonateClient null token vulnerability More info here
Windows SMBv1 Transaction race condition More info here
Windows SMBv1 Remote Command Execution More info here

Snort® IPS/IDS

Date Description
2018-03-17 Microsoft Windows SMB kernel heap memory leak attempt
RuleID : 45978-community - Type : OS-WINDOWS - Revision : 2
2018-04-17 Microsoft Windows SMB kernel heap memory leak attempt
RuleID : 45978 - Type : OS-WINDOWS - Revision : 2
2018-03-17 Microsoft Windows SMB kernel heap memory leak attempt
RuleID : 45977-community - Type : OS-WINDOWS - Revision : 2
2018-04-17 Microsoft Windows SMB kernel heap memory leak attempt
RuleID : 45977 - Type : OS-WINDOWS - Revision : 2
2017-05-23 Microsoft Windows SMB remote code execution attempt
RuleID : 42944-community - Type : OS-WINDOWS - Revision : 2
2017-06-20 Microsoft Windows SMB remote code execution attempt
RuleID : 42944 - Type : OS-WINDOWS - Revision : 2
2017-05-09 Microsoft Windows SMB possible leak of kernel heap memory
RuleID : 42339-community - Type : OS-WINDOWS - Revision : 3
2017-05-25 Microsoft Windows SMB possible leak of kernel heap memory
RuleID : 42339 - Type : OS-WINDOWS - Revision : 3
2017-05-23 Microsoft Windows SMBv1 WriteAndX and TransSecondaryRequest TotalDataCount ou...
RuleID : 42294 - Type : OS-WINDOWS - Revision : 2
2017-04-14 Microsoft Windows SMBv1 identical MID and FID type confusion attempt
RuleID : 41984 - Type : OS-WINDOWS - Revision : 5
2017-04-14 Microsoft Windows SMBv1 identical MID and FID type confusion attempt
RuleID : 41983 - Type : OS-WINDOWS - Revision : 2
2017-04-19 Microsoft Windows SMB remote code execution attempt
RuleID : 41978-community - Type : OS-WINDOWS - Revision : 5
2017-04-12 Microsoft Windows SMB remote code execution attempt
RuleID : 41978 - Type : OS-WINDOWS - Revision : 5

Nessus® Vulnerability Scanner

id Description
2017-03-20 Name: The remote Windows host is affected by multiple vulnerabilities.
File: ms17-010.nasl - Type: ACT_GATHER_INFO
2017-03-15 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17-010.nasl - Type: ACT_GATHER_INFO