This application requires Javascript for optimal performance.

MS.SMB.Variable.Validation

Release Date

Aug 11, 2010

Severity

medium

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Description

This indicates an attack attempt against a remote unauthenticated vulnerability in the Microsoft Server Message Block (SMB) Protocol.

The vulnerability is caused when the Microsoft Server Message Block (SMB) Protocol software improperly validates an internal variable when parsing specially crafted SMB packets. An attacker who successfully exploited this vulnerability could cause a user's system to stop responding until manually restarted.

Affected Products

Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems

Recommended Actions

Please refer to the Microsoft advisory for the update:
http://www.microsoft.com/technet/security/Bulletin/ms10-054.mspx

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2010-2551

Reference/s

http://technet.microsoft.com/en-us/security/bulletin/MS10-054.mspx (MS-ID)

Reference: VID-24067