SMB: Trans2 Response Chunk mismatch
This signature detects attempts to exploit a known vulnerability in the Microsoft Server Message Block (SMB) client. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the kernel (ring0).
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability that affects the SMB client. Successful exploits can allow attackers to execute arbitrary code with full user rights. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
Avaya messaging_application_server,Microsoft windows_server_2008_for_itanium-based_systems
Short Name
SMB:EXPLOIT:TRANS2-MDL-CHUNK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
CVE-2011-0660 Chunk Response Trans2 bid:47239 mismatch
Release Date
04/11/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3