Microsoft Windows 'KeAccumulateTicks()' SMB2 Packet Remote Denial Of Service Vulnerability
Severity: HIGH
CVE Identifier: CVE-2009-3676
Advisory Date: JUL 21, 2015
DESCRIPTION
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1003832
Trend Micro Deep Security DPI Rule Name: 1003832 - Microsoft Windows 'KeAccumulateTicks()' SMB2 Packet Remote Denial Of Service Vulnerability
AFFECTED SOFTWARE AND VERSION
- Microsoft Windows 7
- Microsoft Windows Server 2008