Microsoft Windows 'KeAccumulateTicks()' SMB2 Packet Remote Denial Of Service Vulnerability

  Severity: HIGH
  CVE Identifier: CVE-2009-3676
  Advisory Date: JUL 21, 2015

  DESCRIPTION

The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that contains (a) an incorrect length value in a NetBIOS header or (b) an additional length field at the end of this response packet, aka "SMB Client Incomplete Response Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1003832
  Trend Micro Deep Security DPI Rule Name: 1003832 - Microsoft Windows 'KeAccumulateTicks()' SMB2 Packet Remote Denial Of Service Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Windows 7
  • Microsoft Windows Server 2008

Featured Stories