Windows SMB Information Disclosure Vulnerability - CVE-2018-8444
|ID: oval:org.secpod.oval:def:47455||Date: (C)2018-09-12 (M)2018-11-21|
|Class: VULNERABILITY||Family: windows|
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv2 server. The security update addresses the vulnerability by correcting how SMBv2 handles these specially crafted requests.
|Microsoft Windows 10|
|Microsoft Windows 8.1|
|Microsoft Windows Server 2012|
|Microsoft Windows Server 2012 R2|