Remote OpenVAS check for MS09-050

MS09-050 addresses the much talked about SMB2 Negotiation vulnerability. A crafted SMB packet could crash the Windows Vista/2008 systems with blue screen.

The OpenVAS plugin for checking MS09-050 hotfix is now available in the svn. This doesn’t require any credentials. The patched system responds differently to a particular SMB negotiation request (a crafted PID’s low_id field) from an un-patched system. The response is verified to confirm if the patch is installed. This has been tested on Windows Vista and 2008.

Leave a comment | Trackback
Oct 15th, 2009 | Posted in Uncategorized
Tags:
No comments yet.

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
RSS for comments on this post