The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token, aka "SMB NTLM Authentication Lack of Entropy Vulnerability."
AV:N/AC:L/Au:N/C:C/I:C/A:CMicrosoft Windows 2000
OSMicrosoftwszystkie wersjeMicrosoft Windows 2003 Server
OSMicrosoftwszystkie wersjeMicrosoft Windows 7
OSMicrosoftwszystkie wersjeMicrosoft Windows Server 2008
OSMicrosoftwszystkie wersjeMicrosoft Windows Vista
OSMicrosoftwszystkie wersjeMicrosoft Windows Xp
OSMicrosoftwszystkie wersje
Related vulnerabilities
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows S...