This SMBv1 vulnerability has been disclosed to MS back in february 2010 and patched this month in MS10-054 bulletin.

This vulnerability is quite interesting since it’s present in all Windows version since Windows 2000, and can be triggered easily in at least 2 different Trans2 opcode by setting a Max Data Count to 0;
QUERY_FS_INFO Query FS Attribute Info
QUERY_FS_INFO, Query FS Volume Info

You can find the full advisory here:
SRD blog entry:

By admin