SB2017050912 - Multiple vulnerabilities in SMB implementation in Microsoft Windows
Published: May 9, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2017-0267)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
2) Information disclosure (CVE-ID: CVE-2017-0268)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
3) Improper input validation (CVE-ID: CVE-2017-0269)
The vulnerability allows a remote attacker can perform a denial of service attack.
The vulnerability exists due to improper input validation when processing SMB requests. A remote attacker can send a specially crafted SMB packet and perform a denial of service (DoS) attack.
4) Improper input validation (CVE-ID: CVE-2017-0279)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. A remote attacker can send a specially crafted SMB request to vulnerable system and execute arbitrary code.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
5) Improper input validation (CVE-ID: CVE-2017-0278)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. A remote attacker can send a specially crafted SMB request to vulnerable system and execute arbitrary code.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
6) Improper input validation (CVE-ID: CVE-2017-0277)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. A remote attacker can send a specially crafted SMB request to vulnerable system and execute arbitrary code.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
7) Improper input validation (CVE-ID: CVE-2017-0273)
The vulnerability allows a remote attacker can perform a denial of service attack.
The vulnerability exists due to improper input validation when processing SMB requests. A remote attacker can send a specially crafted SMB packet and perform a denial of service (DoS) attack.
8) Information disclosure (CVE-ID: CVE-2017-0276)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
9) Information disclosure (CVE-ID: CVE-2017-0275)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
10) Information disclosure (CVE-ID: CVE-2017-0274)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
11) Information disclosure (CVE-ID: CVE-2017-0271)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
12) Information disclosure (CVE-ID: CVE-2017-0270)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.
13) Improper input validation (CVE-ID: CVE-2017-0272)
The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.The weakness exists due to improper handling of malicious requests by the Microsoft Server Message Block 1.0 (SMBv1). A remote attacker can send a specially crafted packet to a targeted SMBv1 server and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution.
14) Improper input validation (CVE-ID: CVE-2017-0280)
The vulnerability allows a remote attacker can perform a denial of service attack.
The vulnerability exists due to improper input validation when processing SMB requests. A remote attacker can send a specially crafted SMB packet and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0267
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0268
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0269
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0279
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0278
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0277
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0273
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0276
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0275
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0274
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0271
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0270
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0272
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0280