Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-024: Vulnerability in Server Message Block (SMB)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-024: Vulnerability in Server Message Block (SMB)
# 1  
Old 11-13-2008
T-024: Vulnerability in Server Message Block (SMB)
A remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker's SMB server. This vulnerability allows an attacker to replay the user's credentials back to them and execute code in the context of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Solaris

Cannot login to SMB Server/Authentication denied

Hello, I have problems seting up SMB server in Solaris 11.3. I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly. I have imported the previous zfs pool with share.smb set... (7 Replies)
Discussion started by: Zorken
7 Replies

2. Solaris

/network/smb/server goes into maintenance mode.

All I'm running an OpenSolaris system (Nexenta). When doing a svcs I see that/network/smb/server is in maintenance mode. I have run a clear on the service and restarted. I see the same service show online* for a bit but then, enters maintenance every time. In the service log I... (2 Replies)
Discussion started by: dcpatriot
2 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

smbus

SMBUS(4)						   BSD Kernel Interfaces Manual 						  SMBUS(4)

NAME

     smbus -- System Management Bus

SYNOPSIS

     device smbus

     device iicsmb
     device bktr

DESCRIPTION

     The smbus system provides a uniform, modular and architecture-independent system for the implementation of drivers to control various SMB
     devices and to utilize different SMB controllers (I2C, PIIX4, Brooktree848, vm86...).

System Management Bus
     The System Management Bus is a two-wire interface through which simple power-related chips can communicate with rest of the system.  It uses
     I2C as its backbone (see iicbus(4)).

     A system using SMB passes messages to and from devices instead of tripping individual control lines.

     With the SMBus, a device can provide manufacturer information, tell the system what its model/part number is, save its state for a suspend
     event, report different types of errors, accept control parameters, and return its status.

     The SMBus may share the same host device and physical bus as ACCESS bus components provided that an appropriate electrical bridge is provided
     between the internal SMB devices and external ACCESS bus devices.

SEE ALSO

     bktr(4), iicbus(4), iicsmb(4), smb(4)

     The SMBus specification, http://www.smbus.org/specs/.

HISTORY

     The smbus manual page first appeared in FreeBSD 3.0.

AUTHORS

     This manual page was written by Nicolas Souchu.

BSD
								  August 10, 1998							       BSD