Watchout For Evil SMB Servers: MS10-006

Discussion in 'other security issues & news' started by Searching_ _ _, Feb 18, 2010.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    http://www.skullsecurity.org/blog/?p=452
    Related info:
    https://www.wilderssecurity.com/showthread.php?t=265020&highlight=ms10-006
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Interesting article! I wonder how many cybercriminals have his Nbtool and are just waiting for exploit code to spread around!

    NETBIOS requests, of course, are carried out via Ports 135 - 139, which are used for those set up for network file sharing. Also port 445

    Otherwise, closing these ports at the firewall prevents the attack:

    Microsoft Security Bulletin MS10-006 - Critical
    Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
    http://www.microsoft.com/technet/security/bulletin/ms10-006.mspx
    Of course, a patch is now released!

    ----
    rich
     
Loading...
Thread Status:
Not open for further replies.