Watchout For Evil SMB Servers: MS10-006

Discussion in 'other security issues & news' started by Searching_ _ _, Feb 18, 2010.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    http://www.skullsecurity.org/blog/?p=452
    Related info:
    https://www.wilderssecurity.com/showthread.php?t=265020&highlight=ms10-006
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,982
    Location:
    California
    Interesting article! I wonder how many cybercriminals have his Nbtool and are just waiting for exploit code to spread around!

    NETBIOS requests, of course, are carried out via Ports 135 - 139, which are used for those set up for network file sharing. Also port 445

    Otherwise, closing these ports at the firewall prevents the attack:

    Microsoft Security Bulletin MS10-006 - Critical
    Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
    http://www.microsoft.com/technet/security/bulletin/ms10-006.mspx
    Of course, a patch is now released!

    ----
    rich
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.