Windows Server 2008, Vista SMB2 Vulnerability Checks on DVM

Windows Server 2008, Vista SMB2 Vulnerability Checks on DVM

A possible vulnerability is found in Microsoft Windows Server 2008, Vista Server Message Block (SMB) V2 which exists an index array error. Microsoft released Microsoft Security Advisory (975497) to disable SMB v2 function, or use firewalls to temporarily block TCP ports 139 & 445 to avoid further attacks.

DVM (DragonSoft Vulnerability Management) is able to remotely test CVE-2009-3103 vulnerability with a built-in Denial of Service feature:

Configuration:


1. Under [Policies] -> [Edit] -> [Audit] -> Policy Name : [DoS]
2. Search [CVE-2009-3103] option
3. Tick [Windows SMB2 Remote Denial of Service]

NOTE: The Remote Denial of Service test could cause Server 2008, Vista to crash and restart, resulting in data loss.

Related links:
1. Windows SMB2 Remote Denial of Service Test
2. Microsoft Security Advisory (975497)
3. CVE-2009-3103

About DragonSoft Security Associates, Inc.
DragonSoft Security Associates is a leading developer in Taiwan for network security software and an active contributor to network security education. Founded in 2002, DragonSoft offers vulnerability management olutions, including vulnerability assessment, System Security Management and intrusion prevention.