Microsoft CVE-2017-0147: Windows SMB Information Disclosure Vulnerability
|4||(AV:N/AC:M/Au:N/C:P/I:N/A:N)||March 13, 2017||March 13, 2017||July 11, 2017|
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server.The security update addresses the vulnerability by correcting how SMBv1 handles these specially crafted requests.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!