Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-024: Vulnerability in Server Message Block (SMB)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-024: Vulnerability in Server Message Block (SMB)
# 1  
Old 11-13-2008
T-024: Vulnerability in Server Message Block (SMB)
A remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker's SMB server. This vulnerability allows an attacker to replay the user's credentials back to them and execute code in the context of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Solaris

Cannot login to SMB Server/Authentication denied

Hello, I have problems seting up SMB server in Solaris 11.3. I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly. I have imported the previous zfs pool with share.smb set... (7 Replies)
Discussion started by: Zorken
7 Replies

2. Solaris

/network/smb/server goes into maintenance mode.

All I'm running an OpenSolaris system (Nexenta). When doing a svcs I see that/network/smb/server is in maintenance mode. I have run a clear on the service and restarted. I see the same service show online* for a bit but then, enters maintenance every time. In the service log I... (2 Replies)
Discussion started by: dcpatriot
2 Replies
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

smbdiagnose

SMBDIAGNOSE(8)						    BSD System Manager's Manual 					    SMBDIAGNOSE(8)

NAME

     smbdiagnose -- gather information to aid in diagnosing SMB file sharing issues

SYNOPSIS

     smbdiagnose -h
     smbdiagnose [-f path] [-s]

DESCRIPTION

     The smbdiagnose tool gathers system information and network traffic in order to assist Apple when investigating issues related to SMB file
     sharing.  A great deal of information is harvested, spanning system state, system configuration, and network traffic related to SMB file
     sharing.

   What smbdiagnose Collects:
	   o   A network packet trace of SMB file sharing traffic that occurs during the time the tool is run.	This packet trace may include file
	       names and file data.  It may also include the authentication exchange used to log into the SMB server.
	   o   Enhanced debug logs for the SMB server process.
	   o   If the -s option is specified, the default set of information collected by sysdiagnose(1).

   What smbdiagnose Doesn't Collect:
	   o   No authentication credentials are harvested from the system

OPTIONS

     -h      Print full usage.
     -f path Write the diagnostic to the specified path.  The default is ``~/Desktop''.
     -s      Collect sysdiagnose(1) information.  The default is not to collect sysdiagnose(1) information.

EXIT STATUS

     smbdiagnose exits with status 0 if there were no internal errors encountered during the diagnostic, or >0 when an error unrelated to external
     state occurs or unusable input is provided by the user.

macOS								   15 July 2016 							     macOS