Signature Detail

NETBIOS: Length Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft NetBIOS layer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the service.

Extended Description

Microsoft Windows is prone to a denial-of-service vulnerability that affects the Microsoft Server Message Block (SMB) protocol software. A remote attacker can exploit this issue to stop the affected system from responding, resulting in denial-of-service conditions.

Affected Products

• Avaya Aura Conferencing 6.0 Standard
• Avaya Meeting Exchange - Client Registration Server
• Avaya Meeting Exchange - Recording Server
• Avaya Meeting Exchange - Streaming Server
• Avaya Meeting Exchange - Web Conferencing Server
• Avaya Meeting Exchange - Webportal
• Avaya Messaging Application Server 4
• Avaya Messaging Application Server 5
• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft Windows 7
• Microsoft Windows 7 for 32-bit Systems
• Microsoft Windows 7 for x64-based Systems
• Microsoft Windows 7 Home Premium
• Microsoft Windows 7 Professional
• Microsoft Windows 7 Starter
• Microsoft Windows 7 Ultimate
• Microsoft Windows Server 2008 Datacenter Edition SP2
• Microsoft Windows Server 2008 Datacenter Edition
• Microsoft Windows Server 2008 Enterprise Edition SP2
• Microsoft Windows Server 2008 Enterprise Edition
• Microsoft Windows Server 2008 for 32-bit Systems SP2
• Microsoft Windows Server 2008 for 32-bit Systems
• Microsoft Windows Server 2008 for Itanium-based Systems R2
• Microsoft Windows Server 2008 for Itanium-based Systems SP2
• Microsoft Windows Server 2008 for Itanium-based Systems
• Microsoft Windows Server 2008 for x64-based Systems R2
• Microsoft Windows Server 2008 for x64-based Systems SP2
• Microsoft Windows Server 2008 for x64-based Systems
• Microsoft Windows Server 2008 Standard Edition - Gold
• Microsoft Windows Server 2008 Standard Edition - Gold Datacenter
• Microsoft Windows Server 2008 Standard Edition - Gold Enterprise
• Microsoft Windows Server 2008 Standard Edition - Gold Hpc
• Microsoft Windows Server 2008 Standard Edition - Gold Itanium
• Microsoft Windows Server 2008 Standard Edition - Gold Standard
• Microsoft Windows Server 2008 Standard Edition - Gold Storage
• Microsoft Windows Server 2008 Standard Edition - Gold Web
• Microsoft Windows Server 2008 Standard Edition Itanium
• Microsoft Windows Server 2008 Standard Edition SP2
• Microsoft Windows Server 2008 Standard Edition - Sp2 Hpc
• Microsoft Windows Server 2008 Standard Edition - Sp2 Storage
• Microsoft Windows Server 2008 Standard Edition - Sp2 Web
• Microsoft Windows Server 2008 Standard Edition X64
• Microsoft Windows Server 2008 Standard Edition
• Microsoft Windows Vista Business SP1
• Microsoft Windows Vista Business SP2
• Microsoft Windows Vista Enterprise SP1
• Microsoft Windows Vista Enterprise SP2
• Microsoft Windows Vista Home Basic SP1
• Microsoft Windows Vista Home Basic SP2
• Microsoft Windows Vista Home Premium SP1
• Microsoft Windows Vista Home Premium SP2
• Microsoft Windows Vista SP1
• Microsoft Windows Vista SP2
• Microsoft Windows Vista Ultimate SP1
• Microsoft Windows Vista Ultimate SP2
• Microsoft Windows Vista Business 64-bit edition SP1
• Microsoft Windows Vista Business 64-bit edition SP2
• Microsoft Windows Vista Enterprise 64-bit edition SP1
• Microsoft Windows Vista Enterprise 64-bit edition SP2
• Microsoft Windows Vista Home Basic 64-bit edition SP1
• Microsoft Windows Vista Home Basic 64-bit edition SP2
• Microsoft Windows Vista Home Premium 64-bit edition SP1
• Microsoft Windows Vista Home Premium 64-bit edition SP2
• Microsoft Windows Vista Ultimate 64-bit edition SP1
• Microsoft Windows Vista Ultimate 64-bit edition SP2
• Microsoft Windows Vista x64 Edition SP1
• Microsoft Windows Vista x64 Edition SP2

References

• BugTraq: 42263
• CVE: CVE-2010-2551
• URL: http://www.microsoft.com/technet/security/bulletin/ms10-054.mspx