CVE-2017-11781
published 2017-10-13CVE-2017-11781: The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows…
PriorityP343high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
14.40%
96.2th percentile
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | spamassassin | >= 0 < 3.4.2-0ubuntu0.14.04.1 | 3.4.2-0ubuntu0.14.04.1 |
| apache | spamassassin | >= 0 < 3.4.2-0ubuntu0.16.04.1 | 3.4.2-0ubuntu0.16.04.1 |
| apache | spamassassin | >= 0 < 3.4.2-0ubuntu0.18.04.1 | 3.4.2-0ubuntu0.18.04.1 |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | server_block_message | — | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1511 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1703 | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_8.1 | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv5.3MEDIUM
vendor_msrc5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-54h5-qvh3-364q: The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
ghsa_unreviewed·2022-05-17
CVE-2017-11781 [HIGH] CWE-20 GHSA-54h5-qvh3-364q: The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".
OSV
spamassassin vulnerabilities
osv·2018-11-06·CVSS 5.3
CVE-2017-15705 spamassassin vulnerabilities
spamassassin vulnerabilities
It was discovered that SpamAssassin incorrectly handled certain unclosed
tags in emails. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2017-15705)
It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin.
A remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2018-11780)
It was discovered that SpamAssassin incorrectly handled meta rule syntax. A
local attacker could possibly use this issue to execute arbitrary code.
(CVE-2018-11781)
Microsoft
W - SMB - DOS Authenticated
vendor_msrc·2017-10-10·CVSS 5.9
CVE-2017-11781 [HIGH] W - SMB - DOS Authenticated
W - SMB - DOS Authenticated
Description: A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an authenticated attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system.
Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.
The security update addresses the vulnerability by correcting the manner in which SMB handles specially crafted client requests.
Windows SMB Server: Windows SMB Server
Issuing CNA: Microsoft
Impac
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/101140http://www.securitytracker.com/id/1039528https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781http://www.securityfocus.com/bid/101140http://www.securitytracker.com/id/1039528https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781
2017-10-13
Published