Page 1 of 1

Vista/Server 2008/Windows 7 remote DoS

Posted: Tue Sep 08, 2009 4:31 pm
by muto
The new SMB2 stack has a lovely exploit in it, that's very close to the old 'Ping of Death'; and lets you send a single packet to bluescreen a machine running (fully patched) Windows 7, and was later confirmed to affect Server 2008 and Vista as well. It's very close to a RCE exploit as well, there's the potential for it there, but we've yet to see a working PoC...

http://isc.sans.org/diary.html?storyid=7093

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Thu Sep 17, 2009 7:31 am
by muto
It's just been confirmed that RCE is now possible through this, leading to a remote exploit that gives you administrative rights...

Worm anyone?

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Fri Sep 18, 2009 4:23 pm
by TJ_2k7
I'm not surprised in the slightest, it is Microsoft after all ;)

Normal stuff will happen; Exploit is found, Microsoft posts 'security bulletin' and then sends a update over Windows Update =/

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Tue Nov 10, 2009 7:00 pm
by Darkness62
Do all OS's have the same issues or is it just Microsoft?

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Sun Dec 06, 2009 12:52 am
by ICT Tech
Just Microsoft!!! :lol:

Well now, Microsoft doe have these exploits are in MS OS's, however, when a new OS is released they normally all do have some bugs, but they normally all get patched with the Updates etc :P

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Sun Dec 06, 2009 9:25 am
by muto
Yeah, but Linux doesn't leave you vulnerable for a whole month until they get off the arses and do an update. When a Linux 0day comes out, there's almost always a patch being pushed within 24 hours, less if it's critical.

Re: Vista/Server 2008/Windows 7 remote DoS

Posted: Mon Dec 07, 2009 10:04 pm
by ICT Tech
muto wrote:Yeah, but Linux doesn't leave you vulnerable for a whole month until they get off the arses and do an update. When a Linux 0day comes out, there's almost always a patch being pushed within 24 hours, less if it's critical.
That's very true!

That is actually very true!! :P