Executive Summary

Informations
Name CVE-2009-3676 First vendor Publication 2009-11-13
Vendor Cve Last vendor Modification 2018-10-30

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.1 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3676

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7186
 
Oval ID: oval:org.mitre.oval:def:7186
Title: SMB Client Incomplete Response Vulnerability
Description: The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-3676
 Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1
Os 1

ExploitDB Exploits

id Description
2011-06-14 MS HyperV Persistent DoS Vulnerability
2010-04-17 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC

OpenVAS Exploits

Date Description
2010-04-14 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (980232)
File : nvt/secpod_ms10-020.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
59957 Microsoft Windows SMB Response Handling Remote DoS

Snort® IPS/IDS

Date Description
2020-01-07 Microsoft Windows and Server malformed header denial of service attempt
RuleID : 52369 - Revision : 1 - Type : OS-WINDOWS
2014-03-27 Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution ...
RuleID : 29943 - Revision : 3 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution ...
RuleID : 23237 - Revision : 8 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB Negotiate Protocol response DoS attempt
RuleID : 18195 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution ...
RuleID : 16540 - Revision : 18 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMBv1 BytesNeeded ring0 buffer overflow attempt
RuleID : 16539 - Revision : 8 - Type : OS-WINDOWS
2014-01-10 SMB client TRANS response ring0 remote code execution attempt
RuleID : 16532 - Revision : 6 - Type : NETBIOS
2014-01-10 SMB client TRANS response ring0 remote code execution attempt
RuleID : 16531 - Revision : 11 - Type : NETBIOS
2014-01-10 Microsoft Windows SMB Negotiate Protocol response DoS attempt - empty SMB 2
RuleID : 16454 - Revision : 8 - Type : OS-WINDOWS
2014-01-10 SMB Negotiate Protocol response DoS attempt - empty SMB 1
RuleID : 16453 - Revision : 4 - Type : SPECIFIC-THREATS
2014-01-10 Microsoft Windows SMB Negotiate Protocol response DoS attempt
RuleID : 16287 - Revision : 8 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2010-04-13 Name : Arbitrary code can be executed on the remote host through the installed SMB c...
File : smb_nt_ms10-020.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CERT http://www.us-cert.gov/cas/techalerts/TA10-103A.html
CONFIRM http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-...
http://www.microsoft.com/technet/security/advisory/977544.mspx
FULLDISC http://seclists.org/fulldisclosure/2009/Nov/134
MISC http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html
http://news.cnet.com/8301-27080_3-10395891-245.html
http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-serv...
http://secunia.com/blog/66/
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10...
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK http://www.securitytracker.com/id?1023179
SECUNIA http://secunia.com/advisories/37347
VUPEN http://www.vupen.com/english/advisories/2009/3216

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2021-05-04 12:10:20
  • Multiple Updates
2021-04-22 01:10:47
  • Multiple Updates
2020-05-23 00:24:28
  • Multiple Updates
2018-10-31 00:19:59
  • Multiple Updates
2018-10-13 00:22:52
  • Multiple Updates
2017-09-19 09:23:27
  • Multiple Updates
2016-04-26 19:12:26
  • Multiple Updates
2014-02-17 10:52:02
  • Multiple Updates
2014-01-19 21:26:14
  • Multiple Updates
2013-05-10 23:59:36
  • Multiple Updates