SMB: Windows CVE-2017-11885 Remote Code Execution

Signature attempts to capture An Arbitrary Pointer Dereference vulnerability in Windows systems. Successful exploitation of this vulnerability can achieve Remote Code Execution.

Extended Description

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service handles requests, aka "Windows RRAS Service Remote Code Execution Vulnerability".

Affected Products

Microsoft windows_server_2016

References

CVE: CVE-2017-11885

Short Name
SMB:CVE-2017-11885-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
SMB
Keywords
CVE-2017-11885 Code Execution Remote Windows
Release Date
01/09/2018
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

8.5

Found a potential security threat?