This vulnerability is still unpatched and the exploit was written by Stephen
Fewer and H D Moore, not by Laurent Gaffie, the original bug finder.
On Wed, Sep 30, 2009 at 6:34 PM, Nick wrote:
> A new exploit for the _Smb2ValidateProviderCallback() function has been
> released by the same person w
It sounds like you're talking about the tcp/ip stack flaws rather than
the smb2 issue.
On Oct 1, 2009, at 9:09 AM, Rohit Patnaik wrote:
I'm pretty sure that Microsoft has already released a fix for this.
I know they've patched Vista and Windows 7, and they've decided
publicly not to ba
ll-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Microsuck delaying patch for SMB2 on
purpose?
Date: Thu, 1 Oct 2009 08:09:22 -0500
I'm pretty sure that Microsoft has already released a fix for this.
I know they've patched Vista and Windows 7, and they'
windows xp does not support smb2, so there will never be a patch! ;)
Rohit Patnaik schrieb:
> I'm pretty sure that Microsoft has already released a fix for this. I
> know they've patched Vista and Windows 7, and they've decided publicly
> not to backport the fix to Windows XP.
>
> --Rohit Patna
I'm pretty sure that Microsoft has already released a fix for this. I know
they've patched Vista and Windows 7, and they've decided publicly not to
backport the fix to Windows XP.
--Rohit Patnaik
On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote:
> A new exploit for the _Smb2ValidateProviderCallback(
A new exploit for the _Smb2ValidateProviderCallback() function has been
released by the same person who created the Denial of Service exploit,
except this one is able to execute code remotely. It seems that ms is sort
of delaying the quick fix for this exploit. Whats even sadder is that they
knew a