Security for everyone

CVE-2009-3103 Scanner

Detects 'Remote Code Execution (RCE)' vulnerability in SMBv2  affects v. Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2009-3103 Scanner Detail

The SMBv2 protocol is a product used in Microsoft Windows Vista, Windows Server 2008, and Windows 7 RC for file and printer sharing. This protocol allows users to access remote resources on a network and exchange data between devices securely. The SMBv2 protocol is widely used, and it has become an essential part of modern computer networks.

However, the SMBv2 protocol has a vulnerability known as CVE-2009-3103, which can lead to serious security threats. This vulnerability occurs in the srv2.sys implementation of the SMBv2 protocol, allowing remote attackers to execute arbitrary code or cause a denial of service attack. The vulnerability is triggered by an ampersand character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which causes an attempted dereference of an out-of-bounds memory location.

If the SMBv2 vulnerability is exploited, it may lead to the execution of arbitrary code or a system crash. An attacker could use this vulnerability to infiltrate a targeted network, gain unauthorized access to sensitive data, or cause service outages. This vulnerability is a serious risk to organizations and individuals using computers running the affected Windows operating systems.

In conclusion, the SMBv2 Negotiation Vulnerability poses a serious threat to computer networks running Windows Vista, Windows Server 2008, and Windows 7 RC. However, with the pro features of the platform, users can easily and quickly learn about vulnerabilities in their digital assets and take necessary steps to protect against them. Taking proactive measures and staying updated on security threats is essential to maintaining the safety and integrity of digital assets.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture