CVE-2009-3676 - OpenCVE

The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 7 Windows Server 2008

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_7::::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:::::::*

No data.

References

Link	Providers
http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx
http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html
http://news.cnet.com/8301-27080_3-10395891-245.html
http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/
http://seclists.org/fulldisclosure/2009/Nov/134
http://secunia.com/advisories/37347
http://secunia.com/blog/66/
http://www.microsoft.com/technet/security/advisory/977544.mspx
http://www.securitytracker.com/id?1023179
http://www.us-cert.gov/cas/techalerts/TA10-103A.html
http://www.vupen.com/english/advisories/2009/3216
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2009-11-13T15:00:00

Updated: 2024-08-07T06:38:29.551Z

Reserved: 2009-10-13T00:00:00

Link: CVE-2009-3676

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-11-13T15:30:00.733

Modified: 2018-10-30T16:28:01.187

Link: CVE-2009-3676

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-11-11T00:00:00", "descriptions": [{"lang": "en", "value": "The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka \"SMB Client Incomplete Response Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://news.cnet.com/8301-27080_3-10395891-245.html"}, {"name": "1023179", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023179"}, {"tags": ["x_refsource_MISC"], "url": "http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html"}, {"name": "oval:org.mitre.oval:def:7186", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.microsoft.com/technet/security/advisory/977544.mspx"}, {"name": "37347", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37347"}, {"name": "ADV-2009-3216", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3216"}, {"name": "MS10-020", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020"}, {"tags": ["x_refsource_MISC"], "url": "http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/"}, {"tags": ["x_refsource_MISC"], "url": "http://secunia.com/blog/66/"}, {"name": "20091111 Windows 7 , Server 2008R2 Remote Kernel Crash", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2009/Nov/134"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx"}, {"name": "TA10-103A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2009-3676", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka \"SMB Client Incomplete Response Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://news.cnet.com/8301-27080_3-10395891-245.html", "refsource": "MISC", "url": "http://news.cnet.com/8301-27080_3-10395891-245.html"}, {"name": "1023179", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023179"}, {"name": "http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html", "refsource": "MISC", "url": "http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html"}, {"name": "oval:org.mitre.oval:def:7186", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186"}, {"name": "http://www.microsoft.com/technet/security/advisory/977544.mspx", "refsource": "CONFIRM", "url": "http://www.microsoft.com/technet/security/advisory/977544.mspx"}, {"name": "37347", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37347"}, {"name": "ADV-2009-3216", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3216"}, {"name": "MS10-020", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020"}, {"name": "http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/", "refsource": "MISC", "url": "http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/"}, {"name": "http://secunia.com/blog/66/", "refsource": "MISC", "url": "http://secunia.com/blog/66/"}, {"name": "20091111 Windows 7 , Server 2008R2 Remote Kernel Crash", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2009/Nov/134"}, {"name": "http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx", "refsource": "CONFIRM", "url": "http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx"}, {"name": "TA10-103A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T06:38:29.551Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://news.cnet.com/8301-27080_3-10395891-245.html"}, {"name": "1023179", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1023179"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html"}, {"name": "oval:org.mitre.oval:def:7186", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.microsoft.com/technet/security/advisory/977544.mspx"}, {"name": "37347", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/37347"}, {"name": "ADV-2009-3216", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/3216"}, {"name": "MS10-020", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://secunia.com/blog/66/"}, {"name": "20091111 Windows 7 , Server 2008R2 Remote Kernel Crash", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2009/Nov/134"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx"}, {"name": "TA10-103A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2009-3676", "datePublished": "2009-11-13T15:00:00", "dateReserved": "2009-10-13T00:00:00", "dateUpdated": "2024-08-07T06:38:29.551Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka \"SMB Client Incomplete Response Vulnerability.\""}, {"lang": "es", "value": "El cliente SMB en el kernel de Microsoft Windows Server 2008 R2 y Windows 7 permite que los servidores SMB remotos y los atacantes de tipo man-in-the-middle generen una denegaci\u00f3n de servicio (bucle infinito y bloqueo del sistema) por medio de un (1) paquete de respuesta SMBv1 o (2) SMBv2 que contenga (a) un paquete de respuesta SMBv2 (1) valor de longitud inapropiado en un encabezado NetBIOS o (b) un campo de longitud adicional al final de este paquete de respuesta, tambi\u00e9n se conoce como \"SMB Client Incomplete Response Vulnerability\"."}], "id": "CVE-2009-3676", "lastModified": "2018-10-30T16:28:01.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-11-13T15:30:00.733", "references": [{"source": "secure@microsoft.com", "url": "http://blogs.technet.com/msrc/archive/2009/11/13/microsoft-security-advisory-977544-released.aspx"}, {"source": "secure@microsoft.com", "tags": ["Exploit"], "url": "http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html"}, {"source": "secure@microsoft.com", "url": "http://news.cnet.com/8301-27080_3-10395891-245.html"}, {"source": "secure@microsoft.com", "tags": ["Exploit"], "url": "http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/"}, {"source": "secure@microsoft.com", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2009/Nov/134"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/37347"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/blog/66/"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.microsoft.com/technet/security/advisory/977544.mspx"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1023179"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3216"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7186"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}