ALERT! Win 7 and vista users, re SMB

vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada


#1

Post by vampyrewolf »

http://seclists.org/fulldisclosure/2009/Sep/0039.html
and a proof of concept on command line http://www.dereenigne.com/
http://hackaday.com/2009/09/09/windows- ... b-exploit/

Essentially puts it forward that if you have file sharing enabled you can receive a BSoD.
SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client sends to a SMB server, and it's used
to identify the SMB dialect that will be used for further communication.
#!/usr/bin/python
# When SMB2.0 receives a "&" char in the "Process Id High" SMB header field it dies with a
# PAGE_FAULT_IN_NONPAGED_AREA
from socket import socket
Coffee before Consciousness
Why do people worry more if you argue with your voices than if you just talk with them? What about if you lose those arguments?
Slowly going crazy at work... they found a way to make the voices work too.
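
A check a network defender could run for the condition described in the first post, as an added example that is not part of the thread or the linked advisory: it parses the SMB1 header of a captured frame and flags a NEGOTIATE request whose Process ID High field is non-zero. The function names, verdict strings and sample frames are constructed for illustration, and treating every non-zero value as suspicious is an assumption of this example.

```python
import struct

# SMB1 header per MS-CIFS: 32 bytes, little-endian, no padding.
SMB1_HEADER = struct.Struct("<4sBIBHH8sHHHHH")
SMB_COM_NEGOTIATE = 0x72


def inspect_frame(frame: bytes) -> str:
    """Classify one direct-TCP (port 445) frame: 4-byte length prefix + SMB1 header."""
    if len(frame) < 4 + SMB1_HEADER.size:
        return "too-short"
    declared_len = int.from_bytes(frame[1:4], "big")
    if frame[0] != 0x00 or declared_len < SMB1_HEADER.size:
        return "not-session-message"
    (magic, command, _status, _flags, _flags2, pid_high,
     _sig, _reserved, _tid, _pid_low, _uid, _mid) = SMB1_HEADER.unpack_from(frame, 4)
    if magic != b"\xffSMB":
        return "not-smb1"
    if command != SMB_COM_NEGOTIATE:
        return "other-command"
    # Assumption of this example: a client has no reason to set PIDHigh
    # before a session exists, so any non-zero value is flagged.
    return "suspicious-negotiate" if pid_high != 0 else "ok-negotiate"


def build_sample(pid_high: int, command: int = SMB_COM_NEGOTIATE) -> bytes:
    """Constructed header-only frame (no dialect list) used as test input."""
    header = SMB1_HEADER.pack(b"\xffSMB", command, 0, 0, 0, pid_high,
                              bytes(8), 0, 0, 0, 0, 0)
    body = header + b"\x00\x00\x00"  # WordCount = 0, ByteCount = 0
    return b"\x00" + len(body).to_bytes(3, "big") + body


def scan(frames):
    """Return (index, verdict) for each flagged frame."""
    return [(i, v) for i, v in enumerate(map(inspect_frame, frames))
            if v == "suspicious-negotiate"]


SAMPLES = [
    build_sample(0x0000),                # ordinary NEGOTIATE
    build_sample(0x0001),                # NEGOTIATE with PIDHigh set
    build_sample(0x0001, command=0x73),  # different command, not judged here
    b"\x00\x00\x00\x04GET ",             # not SMB at all
]

if __name__ == "__main__":
    for index, verdict in scan(SAMPLES):
        print(f"frame {index}: {verdict}")
```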
tonydahose
Member
Posts: 6277
Joined: Thu Jan 19, 2006 7:56 am
Location: Chicago

#2

Post by tonydahose »

what does that mean in English please :)
WTC #1444 Always Remember
Need info on a particular :spyder:, just click here
My knives
Spydie count: a few:D
vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada

#3

Post by vampyrewolf »

from wiki:
In computer networking, Server Message Block (SMB) operates as an application-layer network protocol mainly used to provide shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated Inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows, where it is often known as "Microsoft Windows Network".
When discussing SMB, one should distinguish:

* the SMB protocol
* the SMB services that run on the protocol
* NetBIOS
* the DCE/RPC services that use SMB as an authenticated Inter-process communication channel (over named pipes)
* the "Network Neighborhood" protocols which primarily (but not exclusively) run as datagram services directly on the NetBIOS transport
pretty much means that an "invalid" request has the ability to kill your system if you have that port open (default is port 443 I believe). And that it's not hard to send an invalid request maliciously. Only affects systems with the driver installed, which means Win 7, Vista and Server 2008 (as far as I can find).
Best bet is to close the port until someone finds a fix for it.
65535
Member
Posts: 15
Joined: Thu Aug 20, 2009 9:28 pm

#4

Post by 65535 »

Mac for the win.
vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada

#5

Post by vampyrewolf »

xp pro and opensuse :p
psimonl
Member
Posts: 1948
Joined: Thu Jan 27, 2005 2:13 pm
Location: Montreal Qc Canada

#6

Post by psimonl »

Thanks for the infos, Vampyrewolf, but...

Some of your computer related threads are very hard to understand... :confused:

Simon
"Everyday above the ground and vertical is a good day".
-Sir A. Hopkins in "The world's Fastest Indian"

"If it hurts, it means you're not dead..."
-Kayakist Marie-Pier Cote

The Spyderco Cookbook
vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada

#7

Post by vampyrewolf »

I confuse folks any time I talk to most people about computers :p

And then when I talk with IT folks few of em understand why I have a backup server with hardware that's 6-7 years old ;)
Kuolema
Member
Posts: 222
Joined: Fri Jun 26, 2009 4:10 pm
Location: Saskatoon, Saskatchewan, Canada

#8

Post by Kuolema »

Argh, another problem with my operating system.

All's I got to say is when I get my Win 7 Professional upgrade on my NetBook, this problem better be fixed. :mad:


Thanks for the heads up, though. I'm never on top of these things and with me relying on my PCs and Laptops for University, you could have just saved my life. :p


Thanks again!
may it not be tricksy
Tank
Member
Posts: 2085
Joined: Fri Sep 24, 2004 10:33 am
Location: N. Calif. USA

#9

Post by Tank »

vampyrewolf wrote: Best bet is to close the port until someone finds a fix for it.
I have vista, so how do I close this port?

Thanks
-John
vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada

#10

Post by vampyrewolf »

Not sure where vista hides the firewall, I'd have to look it up.

SMB is on port 445, you'd just have to close that port on the firewall.
mikebandw186
Member
Posts: 272
Joined: Thu Nov 09, 2006 5:26 pm
Location: westminster, colorado

#11

Post by mikebandw186 »

psimonl wrote:Thanks for the infos, Vampyrewolf, but...

Some of your computer related threads are very hard to understand... :confused:

Simon
I get the same reaction when I say stuff like "Peel ply carbon fiber, S30V, micro serrations and a wire clip!"
“Open, close, cut, clean, oil, cut, cut, cut... To a Spyderco, that is living. Letting it die in the box is to lose 75% of what we put into it." Sal Glesser

Proudly carrying the SpyderEdge!

Chance is a fickle B$%^h and I have no faith in the judgmental abilities of criminals. -KaliGMan
araneae
Member
Posts: 5506
Joined: Wed Aug 09, 2006 10:10 pm
Location: A lil more south of the Erie shore, Ohio

#12

Post by araneae »

Can I just use duct tape?
So many knives, so few pockets... :)
-Nick

Last in: N5 Magnacut
The "Spirit" of the design does not come through unless used. -Sal
hickster
Member
Posts: 471
Joined: Sun Nov 16, 2008 9:04 pm
Location: AK

#13

Post by hickster »

65535 wrote:Mac for the win.
Roger that! ;)
hickster
The Deacon
Member
Posts: 25717
Joined: Fri Sep 24, 2004 10:33 am
Location: Upstate SC, USA

#14

Post by The Deacon »

Question is, would this be an issue if your computer is configured so that file sharing is only allowed with computers within your trusted zone?
Paul
My Personal Website ---- Beginners Guide to Spyderco Collecting ---- Spydiewiki
Deplorable :p
WTC # 1458 - 1504 - 1508 - Never Forget, Never Forgive!
vampyrewolf
Member
Posts: 7486
Joined: Fri Sep 24, 2004 10:33 am
Location: Saskatoon, Saskatchewan, Canada

#15

Post by vampyrewolf »

There is always the possibility of having a bad request come from internally, but blocking SMB external and forcing the use of FTP for external should take care of an external attack. And as far as internal users breaking it, that's why we keep backups, right?
m.and
Member
Posts: 40
Joined: Wed Jul 08, 2009 7:08 pm
Location: Virginia

#16

Post by m.and »

65535 wrote:Mac for the win.
+1. Love my Macs. :D
The journey of a thousand miles begins with one step - Lao Tzu
The Deacon
Member
Posts: 25717
Joined: Fri Sep 24, 2004 10:33 am
Location: Upstate SC, USA

#17

Post by The Deacon »

Ok, so if (BIG IF) I'm understanding this correctly, this is not really a security issue. By that I mean no real harm is done, no viruses, no file corruption, nothing phoning home with your banking details. Worst case, your machine locks up, but when you reboot, things are back to normal. Mine never was set up to allow file sharing, I still do transfers to and from my laptop the old fashioned way, sneaker net. :o :D

Truth be known, I'm quite happy overall with Vista. Aside from the single annoying habit of rebooting without warning to install updates, it's been rock steady for me since I got this machine.
Paul
tonydahose
Member
Posts: 6277
Joined: Thu Jan 19, 2006 7:56 am
Location: Chicago

#18

Post by tonydahose »

The Deacon wrote:
Truth be known, I'm quite happy overall with Vista. Aside from the single annoying habit of rebooting without warning to install updates, it's been rock steady for me since I got this machine.
i know i am going out on a really thin branch here but can't you change that in the settings of windows update? at least to pick which ones to install?
The Deacon
Member
Posts: 25717
Joined: Fri Sep 24, 2004 10:33 am
Location: Upstate SC, USA

#19

Post by The Deacon »

tonydahose wrote:i know i am going out on a really thin branch here but can't you change that in the settings of windows update? at least to pick which ones to install?
Tony, you're correct. More a mixture of procrastination and forgetfulness on my part. Every time it happened I swore I was going to fix it - later. :o Finally changed the settings. :D
Paul
Tank
Member
Posts: 2085
Joined: Fri Sep 24, 2004 10:33 am
Location: N. Calif. USA

#20

Post by Tank »

any word if this issue has been resolved?
-John