smb-vuln-ms10-054
脚本使用类型:
hostrule
脚本所属分类:
vuln, intrusive, dos
脚本下载地址: http://nmap.org/svn/scripts/smb-vuln-ms10-054.nse
Tests whether target machines are vulnerable to the ms10-054 SMB remote memory corruption vulnerability.
The vulnerable machine will crash with BSOD.
The script requires at least READ access right to a share on a remote machine. Either with guest credentials or with specified username/password.
Share to connect to (defaults to SharedDocs)
Required to run the script, "safty swich" to prevent running it by accident
执行格式
nmap -p 445 <target> --script=smb-vuln-ms10-054 --script-args unsafe
Host script results: | smb-vuln-ms10-054: | VULNERABLE: | SMB remote memory corruption vulnerability | State: VULNERABLE | IDs: CVE:CVE-2010-2550 | Risk factor: HIGH CVSSv2: 10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Description: | The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, | Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 | does not properly validate fields in an SMB request, which allows remote attackers | to execute arbitrary code via a crafted SMB packet, aka "SMB Pool Overflow Vulnerability." | | Disclosure date: 2010-08-11 | References: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2550 |_ http://seclists.org/fulldisclosure/2010/Aug/122
Author: Aleksandar Nikolic
License: VER007 整理 http://www.ver007.com