漏洞信息(CVE-2020-0796)

一、漏洞 CVE-2020-0796 基础信息

漏洞信息

                                        # N/A

## 概述
存在一个远程代码执行漏洞，该漏洞在于 Microsoft Server Message Block 3.1.1 (SMBv3) 协议处理某些请求的方式中，被称为“Windows SMBv3 客户端/服务器远程代码执行漏洞”。

## 影响版本
未提供具体影响的版本信息。

## 细节
SMBv3 协议在处理特定请求的方式中存在缺陷，可能导致远程代码执行。攻击者可以利用该漏洞通过发送恶意请求来执行任意代码。

## 影响
成功利用此漏洞的攻击者可以在目标系统上执行任意代码。这可能导致执行其他程序、查看、更改或删除数据，以及创建拥有完全用户权限的新帐户。

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

微软 Microsoft SMBv3 缓冲区错误漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Microsoft SMBv3是美国微软（Microsoft）公司的一个为设备提供SMB功能的支持固件。 Microsoft Server Message Block 3.1.1 (SMBv3)版本中存在缓冲区错误漏洞，该漏洞源于SMBv3协议在处理恶意压缩数据包时，进入了错误流程。远程未经身份验证的攻击者可利用该漏洞在应用程序中执行任意代码。以下产品及版本受到影响：Microsoft Windows 10版本1903，Windows Server版本1903，Windows 10版本1909，Windo

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

缓冲区错误

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2020-0796 的公开POC

#	POC 描述	源链接	神龙链接
1	Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability / exploit / detection / MS17010/SmbGhost/CVE-2020-0796/CVE-2018-2894	https://github.com/k8gege/PyLadon	POC详情
2	Weaponized PoC for SMBv3 TCP codec/compression vulnerability	https://github.com/Aekras1a/CVE-2020-0796-PoC	POC详情
3	CVE-2020-0796 Flaw Mitigation - Active Directory Administrative Templates	https://github.com/technion/DisableSMBCompression	POC详情
4	Powershell SMBv3 Compression checker	https://github.com/T13nn3s/CVE-2020-0796	POC详情
5	Scanner for CVE-2020-0796 - SMBv3 RCE	https://github.com/ly4k/SMBGhost	POC详情
6	Script that checks if the system is vulnerable to CVE-2020-0796 (SMB v3.1.1)	https://github.com/joaozietolie/CVE-2020-0796-Checker	POC详情
7	Identifying and Mitigating the CVE-2020–0796 flaw in the fly	https://github.com/ButrintKomoni/cve-2020-0796	POC详情
8	This project is used for scanning cve-2020-0796 SMB vulnerability	https://github.com/dickens88/cve-2020-0796-scanner	POC详情
9	None	https://github.com/kn6869610/CVE-2020-0796	POC详情
10	This repository contains a test case for CVE-2020-0796	https://github.com/awareseven/eternalghosttest	POC详情
11	CVE-2020-0796 SMBv3.1.1 Compression Capability Vulnerability Scanner	https://github.com/xax007/CVE-2020-0796-Scanner	POC详情
12	Scanners List - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)	https://github.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing	POC详情
13	Check system is vulnerable CVE-2020-0796 (SMB v3)	https://github.com/UraSecTeam/smbee	POC详情
14	SMBGhost (CVE-2020-0796) threaded scanner	https://github.com/netscylla/SMBGhost	POC详情
15	PoC for triggering buffer overflow via CVE-2020-0796	https://github.com/eerykitty/CVE-2020-0796-PoC	POC详情
16	Scanner script to identify hosts vulnerable to CVE-2020-0796	https://github.com/wneessen/SMBCompScan	POC详情
17	Scanner for CVE-2020-0796 - A SMBv3.1.1 + SMB compression RCE	https://github.com/ioncodes/SMBGhost	POC详情
18	SMBv3 RCE vulnerability in SMBv3	https://github.com/laolisafe/CVE-2020-0796	POC详情
19	Multithread SMB scanner to check CVE-2020-0796 for SMB v3.11	https://github.com/gabimarti/SMBScanner	POC详情
20	This script will apply the workaround for the vulnerability CVE-2020-0796 for the SMBv3 unauthenticated RCE	https://github.com/Almorabea/SMBGhost-WorkaroundApplier	POC详情
21	CVE-2020-0796 - Working PoC - 20200313	https://github.com/vysecurity/CVE-2020-0796	POC详情
22	CVE-2020-0796 SMBGhost	https://github.com/marcinguy/CVE-2020-0796	POC详情
23	Little scanner to know if a machine is runnig SMBv3 (possible vulnerability CVE-2020-0796)	https://github.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796	POC详情
24	Advanced scanner for CVE-2020-0796 - SMBv3 RCE	https://github.com/w1ld3r/SMBGhost_Scanner	POC详情
25	CVE-2020-0796 Python POC buffer overflow	https://github.com/wsfengfan/CVE-2020-0796	POC详情
26	基于asyncio（协程）的CVE-2020-0796 速度还是十分可观的，方便运维师傅们对内网做下快速检测。	https://github.com/GuoKerS/aioScan_CVE-2020-0796	POC详情
27	CVE-2020-0796-Scanner	https://github.com/jiansiting/CVE-2020-0796-Scanner	POC详情
28	An unauthenticated PoC for CVE-2020-0796	https://github.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC	POC详情
29	Lightweight PoC and Scanner for CVE-2020-0796 without authentication.	https://github.com/ran-sama/CVE-2020-0796	POC详情
30	CVE-2020-0796_CoronaBlue_SMBGhost	https://github.com/sujitawake/smbghost	POC详情
31	Scanner for CVE-2020-0796	https://github.com/julixsalas/CVE-2020-0796	POC详情
32	CVE-2020-0796.SMBGhost_Crash_Poc	https://github.com/5l1v3r1/SMBGhost_Crash_Poc	POC详情
33	Lightweight PoC and Scanner for CVE-2020-0796 without authentication.	https://github.com/5l1v3r1/CVE-2020-0796-PoC-and-Scan	POC详情
34	DoS PoC for CVE-2020-0796 (SMBGhost)	https://github.com/cory-zajicek/CVE-2020-0796-DoS	POC详情
35	None	https://github.com/tripledd/cve-2020-0796-vuln	POC详情
36	CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost	https://github.com/danigargu/CVE-2020-0796	POC详情
37	CVE-2020-0796 Local Privilege Escalation POC	https://github.com/jamf/CVE-2020-0796-LPE-POC	POC详情
38	SMBGHOST local privilege escalation	https://github.com/TinToSer/CVE-2020-0796-LPE	POC详情
39	Windows SMBv3 LPE exploit 已编译版	https://github.com/f1tz/CVE-2020-0796-LPE-EXP	POC详情
40	Coronablue exploit	https://github.com/tango-j/CVE-2020-0796	POC详情
41	None	https://github.com/jiansiting/CVE-2020-0796	POC详情
42	该资源为CVE-2020-0796漏洞复现，包括Python版本和C++版本。主要是集合了github大神们的资源，希望您喜欢~	https://github.com/eastmountyxz/CVE-2020-0796-SMB	POC详情
43	CVE-2020-0796-EXP	https://github.com/LabDookhtegan/CVE-2020-0796-EXP	POC详情
44	Cobalt Strike AggressorScripts CVE-2020-0796	https://github.com/Rvn0xsy/CVE_2020_0796_CNA	POC详情
45	CVE-2020-0796 (SMBGhost) LPE	https://github.com/0xeb-bp/cve-2020-0796	POC详情
46	This tool helps scan large subnets for cve-2020-0796 vulnerable systems	https://github.com/intelliroot-tech/cve-2020-0796-Scanner	POC详情
47	CVE-2020-0796 Remote Code Execution POC	https://github.com/jamf/CVE-2020-0796-RCE-POC	POC详情
48	PoC RCE Reverse Shell for CVE-2020-0796 (SMBGhost)	https://github.com/thelostworldFree/CVE-2020-0796	POC详情
49	None	https://github.com/section-c/CVE-2020-0796	POC详情
50	SMBGhost CVE-2020-0796	https://github.com/bacth0san96/SMBGhostScanner	POC详情
51	None	https://github.com/halsten/CVE-2020-0796	POC详情
52	CVE-2020-0796	https://github.com/ysyyrps123/CVE-2020-0796	POC详情
53	CVE-2020-0796-exp	https://github.com/ysyyrps123/CVE-2020-0796-exp	POC详情
54	SMBv3 Ghost (CVE-2020-0796) Vulnerability	https://github.com/exp-sky/CVE-2020-0796	POC详情
55	SMBGhost (CVE-2020-0796) Automate Exploitation and Detection	https://github.com/Barriuso/SMBGhost_AutomateExploitation	POC详情
56	批量测试CVE-2020-0796 - SMBv3 RCE	https://github.com/1060275195/SMBGhost	POC详情
57	This is an implementation of the CVE-2020-0796 aka SMBGhost vulnerability, compatible with the Metasploit Framework	https://github.com/Almorabea/SMBGhost-LPE-Metasploit-Module	POC详情
58	SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner	https://github.com/jamf/SMBGhost-SMBleed-scanner	POC详情
59	CVE-2020-0796. Smbghost Local Privilege Escalation	https://github.com/5l1v3r1/smbghost-5	POC详情
60	None	https://github.com/rsmudge/CVE-2020-0796-BOF	POC详情
61	To crash Windows-10 easily	https://github.com/codewithpradhan/SMBGhost-CVE-2020-0796-	POC详情
62	CVE-2020-0796-POC	https://github.com/AaronCaiii/CVE-2020-0796-POC	POC详情
63	None	https://github.com/datntsec/CVE-2020-0796	POC详情
64	None	https://github.com/MasterSploit/LPE---CVE-2020-0796	POC详情
65	None	https://github.com/1stPeak/CVE-2020-0796-Scanner	POC详情
66	None	https://github.com/Anonimo501/SMBGhost_CVE-2020-0796_checker	POC详情
67	None	https://github.com/Opensitoo/cve-2020-0796	POC详情
68	Remote Code Execution POC for CVE-2020-0796	https://github.com/orangmuda/CVE-2020-0796	POC详情
69	None	https://github.com/Murasame-nc/CVE-2020-0796-LPE-POC	POC详情
70	批量扫描CVE-2020-0796	https://github.com/F6JO/CVE-2020-0796-Batch-scanning	POC详情
71	None	https://github.com/lisinan988/CVE-2020-0796-exp	POC详情
72	CVE-2020-0796 - a wormable SMBv3 vulnerability.	https://github.com/5l1v3r1/CVE-2020-0796-PoC-3	POC详情
73	Multithreaded Scanner for CVE-2020-0796 - SMBv3 RCE	https://github.com/5l1v3r1/SMBGhosts	POC详情
74	Description of Exploit SMBGhost CVE-2020-0796	https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-	POC详情
75	CVE-2020-0796 explanation and researching vulnerability for term porject CENG325	https://github.com/arzuozkan/CVE-2020-0796	POC详情
76	CVE-2020-0796	https://github.com/SEHandler/CVE-2020-0796	POC详情
77	CVE-2020-0796-利用工具	https://github.com/TweatherQ/CVE-2020-0796	POC详情
78	windows 10 SMB vulnerability	https://github.com/krizzz07/CVE-2020-0796	POC详情
79	cve-2020-0796利用工具集	https://github.com/OldDream666/cve-2020-0796	POC详情
80	CVE-2020-0796 SMB Ghost vulnerability detection and mitigation	https://github.com/heeloo123/CVE-2020-0796	POC详情
81	WindowsProtocolTestSuites is to trigger BSoD, and full exploit poc.	https://github.com/Ajomix/CVE-2020-0796	POC详情
82	None	https://github.com/Vladshambaryan/https-github.com-jamf-CVE-2020-0796-RCE-POC	POC详情
83	None	https://github.com/hungdnvp/POC-CVE-2020-0796	POC详情
84	This script will help you to scan for smbGhost vulnerability(CVE-2020-0796)	https://github.com/AdamSonov/smbGhostCVE-2020-0796	POC详情
85	Weaponized PoC for SMBv3 TCP codec/compression vulnerability	https://github.com/0x25bit/CVE-2020-0796-PoC	POC详情
86	This repository contains detailed documentation and code related to the exploitation, detection, and mitigation of two significant vulnerabilities: CVE-2020-0796 (SMBGhost) and Print Spooler.	https://github.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities	POC详情
87	WindowsProtocolTestSuites is to trigger BSoD, and full exploit poc.	https://github.com/dungnm24/CVE-2020-0796	POC详情
88	None	https://github.com/Kaizzzo1/CVE-2020-0796	POC详情
89	None	https://github.com/monjheta/CVE-2020-0796	POC详情
90	None	https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Windows%20SMB%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2020-0796.md	POC详情

三、漏洞 CVE-2020-0796 的情报信息

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 x_refsource_MISC
http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html x_refsource_MISC
http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html x_refsource_MISC
http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html x_refsource_MISC
http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html x_refsource_MISC
http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html x_refsource_MISC
http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-0796

一、 漏洞 CVE-2020-0796 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2020-0796 的公开POC

三、漏洞 CVE-2020-0796 的情报信息

一、漏洞 CVE-2020-0796 基础信息