SCAN: pysmb Library Detected
This signature detects the pysmb library in use on your network. This library is used by several penetration testing suites to create exploits. These tools can be used legitimately to perform a network security audit of your network. However, if a network security audit is not in progress, triggering this signature can indicate that a malicious attacker is using one of these tools to compromise your network.
Extended Description
It has been reported that Microsoft Windows Workstation (WKSSVC.DLL) service is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable host. The problem is in the handling of requests by the Workstation Service. The Workstation Service does not properly check bounds on remote data therefore making it possible to overwrite sensitive regions of system memory.
Affected Products
Cisco sn_5420_storage_router,Cisco call_manager
References
BugTraq: 9011
CVE: CVE-2003-0812
URL: http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx
Short Name
SCAN:PYSMBLIB
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CVE-2003-0812 Detected Library bid:9011 pysmb
Release Date
10/09/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Cisco
Microsoft
CVSS Score
7.5