Microsoft Windows SMB Processing Array Indexing Vulnerability (CVE-2009-3103) Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Microsoft Windows SMB Processing Array Indexing Vulnerability (CVE-2009-3103) Scanner Detail

Tests whether target machines are vulnerable to ms10-061 Printer Spooler impersonation vulnerability.

This script will crash the service if it is vulnerable.

The script performs a denial-of-service against the vulnerability disclosed in CVE-2009-3103. This works against Windows Vista and some versions of Windows 7, and causes a bluescreen if successful. The proof-of-concept code at http://seclists.org/fulldisclosure/2009/Sep/39 was used, with one small change.

This check was previously part of smb-check-vulns.

Some Advice for Common Problems

The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service