MS06-030: Microsoft SMB Vulnerabilities
MS06-030 - KB 914389
MS06-030 covers two vulnerabilities. The more severe one ("SMB Driver Elevation of Privilege Vulnerability") will allow an attacker who has regular user access to a system to gain administrator access. The attack requires some form of regular access, for example valid login credentials or an exploit against a regular user on the system.
You could disable the Workstation service to mitigate this vulnerability. However, this is probably only going to work for stand alone workstations. Disabling the Workstation service will break file and printer sharing.
The second vulnerability ("SMB Invalid Handle Vulnerability") results in a Denial of Service condition, but as the first vulnerability it requires valid login credentials.
This vulnerability is covered in CVE-2006-2373.
--
Johannes Ullrich
MS06-030 covers two vulnerabilities. The more severe one ("SMB Driver Elevation of Privilege Vulnerability") will allow an attacker who has regular user access to a system to gain administrator access. The attack requires some form of regular access, for example valid login credentials or an exploit against a regular user on the system.
You could disable the Workstation service to mitigate this vulnerability. However, this is probably only going to work for stand alone workstations. Disabling the Workstation service will break file and printer sharing.
The second vulnerability ("SMB Invalid Handle Vulnerability") results in a Denial of Service condition, but as the first vulnerability it requires valid login credentials.
This vulnerability is covered in CVE-2006-2373.
--
Johannes Ullrich
Keywords:
0 comment(s)
×
Diary Archives
Comments