Traducido al: español Mostrar texto original Opciones ▼

Traductor de Bing
(https://www.tenable.com)
Indisponible 
(https://aka.ms/widget-
retirement)
(http://www.bing.com/translator)

(https://www.facebook.com/microsofttranslator)

MS09-050: Microsoft Windows SMB2

_Smb2ValidateProviderCallback ()
vulnerabilidad (975497)
(EDUCATEDSCHOLAR) (cheque sin
credenciales)
CRÍTICO Nessus ID Plugin 40887

Sinopsis
arbitraria de código puede ser ejecutado en el host remoto a través del puerto SMB

Descripción
The remote host is running a version of Microsoft Windows Vista or Windows Server 2008 that contains a
vulnerability in its SMBv2 implementation. An attacker can exploit this flaw to disable the remote host or
to execute arbitrary code on it.

EDUCATEDSCHOLAR is one of multiple Equation Group vulnerabilities and exploits disclosed on

2017/04/14 by a group known as the Shadow Brokers.

Solution
Microsoft has released a patch for Windows Vista and Windows Server 2008.

See Also
http://www.nessus.org/u?0f72ec72 (http://www.nessus.org/u?0f72ec72)

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2009/ms09-050
(https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2009/ms09-050)

Plugin Details
Severity: Critical
ID: 40887

File Name: smb2_pid_high_vuln.nasl

Version: 1.35

Type: remote

Agent: windows

Family: Windows (/plugins/nessus/families/Windows)

Published: 2009/09/08

Updated: 2018/11/15

Risk Information
Risk Factor: Critical

CVSS v2.0 (https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=

(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C))
Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSS v3.0 (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=

(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C))
Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information
CPE: cpe:/o:microsoft:windows

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/10/13

Vulnerability Publication Date: 2009/09/08

Exploitable With
CANVAS (CANVAS)
Core Impact

Metasploit (MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference)

Reference Information
CVE: CVE-2009-2532 (/cve/CVE-2009-2532) , CVE-2009-3103 (/cve/CVE-2009-3103)

BID: 36299 (http://www.securityfocus.com/bid/36299), 36594 (http://www.securityfocus.com/bid/36594)

MSFT: MS09-050

CERT: 135940 (https://www.kb.cert.org/vuls/id/135940)

EDV-ID : 9594 (https://www.exploit-db.com/exploits/9594) , 10005 (https://www.exploit-

db.com/exploits/10005) , 12524 (https://www.exploit-db.com/exploits/12524) , 14674 (https://www.exploit-
db.com/exploits/14674) , 16363 (https://www.exploit-db.com/exploits/16363)

MSKB : 975497 (https://support.microsoft.com/kb/975497)

CWE : 94 (https://cwe.mitre.org/data/definitions/94) , 399 (https://cwe.mitre.org/data/definitions/399)

© 2019 Tenable®, Inc. Todos los derechos reservados

Política de privacidad (https://www.tenable.com/privacy-policy)

Legal (https://www.tenable.com/legal)

508 cumplimiento (https://www.tenable.com/section-508-voluntary-product-accessibility)