-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
____/ Tony Manco on Tuesday 08 Sep 2009 13:50 : \____
> Roy Schestowitz wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
>>
>> ,----[ Quote ]
>> | V. BUSINESS IMPACT
>> |
>> | An attacker can remotly crash without no user interaction, any
>> | Vista/Windows 7 machine with SMB enable. Windows Xp, 2k, are NOT
>> | affected as they dont have this driver.
>> |
>> | VI. SYSTEMS AFFECTED
>> |
>> | Windows Vista/7 All (64b/32b|SP1/SP2 fully updated) and possibly Win
>> | Server 2008 as it use the same SMB2.0 driver (not tested).
>> `----
>>
>> http://seclists.org/fulldisclosure/2009/Sep/0039.html
>>
>> I'm sure Vista 8 will solve everything! Just bear with Microsoft... some
>> day it will all be wonderful. They promise.
>
> You forgot an interesting part, the solution:
>
> ,----[ Quote ]
> | VII. SOLUTION
> | Vendor contacted, but no patch available for the moment. Close SMB feature
> | and ports, until a patch is provided.
> `----
>
> No patch available...
I'm sure they'll fix it before the Vista 7 'house parties'... it would be *blue* otherwise.
- --
~~ Best of wishes
Commercial televsion is like deliberately sticking hat pins through your
frontal lobes most of the time. -- Rebecca Ore
http://Schestowitz.com | GNU/Linux | PGP-Key: 0x74572E8E
Mem: 2075800k total, 1660792k used, 415008k free, 12460k buffers
http://iuron.com - next generation of search paradigms
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkqmzA4ACgkQU4xAY3RXLo6TPgCfWYOwycAnjdlPM2xzUyxXj1Nq
C5sAn086cFcnEJEYLztOoBwmzFtcm/sZ
=BLwl
-----END PGP SIGNATURE-----
|
|