There has recently been a lot of hype about an SMB v2 protocol vulnerability that causes a BSOD on vulnerable systems. The vulnerability exists in srv2.sys, which does not correctly handle a higher/lower PID value in the SMB_Negotiate protocol field (2 bytes). It can be successfully exploited with the PoC provided by Laurent Gaffié, who found this bug in 3 seconds with his simple handmade fuzzer. Successful exploitation causes a remote BSOD on the affected SMB v2 enabled operating system, forcing a hard reboot of the machine.
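For defenders, the field in question can be checked on captured traffic. The sketch below is an added example, not code from this post or from the PoC. It parses the fixed SMB1 header of a Negotiate request and reports the two 2-byte PID fields. The function names are hypothetical, and both reading "higher/lower PID" as the header's PIDHigh/PIDLow fields and treating a non-zero PIDHigh as suspicious are assumptions.

```python
import struct

SMB1_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72
# Fixed 32-byte SMB1 header: magic, command, status, flags, flags2,
# PIDHigh, signature, reserved, TID, PIDLow, UID, MID (little-endian).
SMB1_HEADER = struct.Struct("<4sBIBHH8sHHHHH")


def strip_nbss(frame: bytes) -> bytes:
    """Drop the 4-byte NetBIOS session header that precedes SMB over TCP."""
    if len(frame) < 4 or frame[0] != 0x00:
        raise ValueError("not a NetBIOS session message")
    length = int.from_bytes(frame[1:4], "big")
    body = frame[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated NetBIOS session message")
    return body


def inspect_negotiate(frame: bytes):
    """Return a finding dict for SMB1 Negotiate requests, else None."""
    smb = strip_nbss(frame)
    if len(smb) < SMB1_HEADER.size or smb[:4] != SMB1_MAGIC:
        return None  # SMB2 (0xFE 'SMB') or not SMB at all
    (_, command, _status, flags, _flags2, pid_high, _sig, _rsvd,
     _tid, pid_low, _uid, _mid) = SMB1_HEADER.unpack_from(smb)
    if command != SMB_COM_NEGOTIATE or flags & 0x80:
        return None  # not a Negotiate, or it is a server reply
    # Assumption: clients normally leave PIDHigh at zero in a Negotiate,
    # so any other value is reported for review.
    return {"pid_high": pid_high, "pid_low": pid_low,
            "suspicious": pid_high != 0}


def sample_frame(pid_high: int, command: int = SMB_COM_NEGOTIATE) -> bytes:
    """Constructed sample: SMB1 header plus empty parameter/data blocks."""
    header = SMB1_HEADER.pack(SMB1_MAGIC, command, 0, 0x18, 0xC853,
                              pid_high, b"\x00" * 8, 0, 0, 0xFEFF, 0, 0)
    smb = header + b"\x00\x00\x00"  # WordCount=0, ByteCount=0
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


if __name__ == "__main__":
    for value in (0x0000, 0x0001):
        print(hex(value), inspect_negotiate(sample_frame(value)))
```
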