module
Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS
| Disclosed | Created |
|---|---|
| N/A | 2018-05-30 |
Disclosed
N/A
Created
2018-05-30
Description
This module exploits a denial of service flaw in the Microsoft
Windows SMB service on versions of Windows prior to the August 2010 Patch
Tuesday. To trigger this bug, you must be able to access a share with
at least read privileges. That generally means you will need authentication.
However, if a system has a guest accessible share, you can trigger it
without any authentication.
Windows SMB service on versions of Windows prior to the August 2010 Patch
Tuesday. To trigger this bug, you must be able to access a share with
at least read privileges. That generally means you will need authentication.
However, if a system has a guest accessible share, you can trigger it
without any authentication.
Authors
Laurent Gaffie laurent.gaffie@gmail.com
jduck jduck@metasploit.com
jduck jduck@metasploit.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.