Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
SMB:MS-WINDOWS-LSASS-DOS |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Microsoft Windows LSASS Authenticate Message Denial of Service |
Release Date |
2016/11/25 |
Update Number |
2807 |
Supported Platforms |
idp-4.1.110110609+, isg-3.4.139899+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
SMB: Microsoft Windows LSASS Authenticate Message Denial of Service
This signature detects attempts to exploit a known vulnerability in Microsoft Windows. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system and cause the lsass.exe process to terminate, resulting in a non-responsive system.
Extended Description
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote authenticated users to cause a denial of service (system hang) via a crafted request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability."
Affected Products
- Microsoft windows_10 -
- Microsoft windows_10 1511
- Microsoft windows_10 1607
- Microsoft windows_7 *
- Microsoft windows_8.1 *
- Microsoft windows_rt_8.1 *
- Microsoft windows_server_2008 *
- Microsoft windows_server_2008 r2
- Microsoft windows_server_2012 -
- Microsoft windows_server_2012 r2
- Microsoft windows_server_2016 *
- Microsoft windows_vista *
References
- CVE: CVE-2016-7237