Executive Summary

Summary
Title Exploit Code Published Affecting the Server Service
Informations
Name KB958963 First vendor Publication 2008-10-27
Vendor Microsoft Last vendor Modification 1970-01-01
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft is aware that detailed exploit code demonstrating code execution has been published on the Internet for the vulnerability that is addressed by security update MS08-067. This exploit code demonstrates code execution on Windows 2000, Windows XP, and Windows Server 2003. Microsoft is aware of limited, targeted active attacks that use this exploit code. At this time, there are no self-replicating attacks associated with this vulnerability. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue.

Our investigation of this exploit code has verified that it does not affect customers who have installed the updates detailed in MS08-067 on their computers. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.

We continue to work with our Microsoft Security Response Alliance (MSRA) and Microsoft Active Protections Program (MAPP) partners so that their products can provide additional protections for customers. We have updated our Windows Live Safety Scanner, Windows Live One Care, and Forefront security products with protections for customers. We have also been working with our partners in the Global Infrastructure Alliance for Internet Safety (GIAIS) program to take steps to help keep attacks from spreading.

Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (1-866-PCSAFETY). International customers may request help by using any method found at this location: http://www.microsoft.com/protect/support/default.mspx (click on the select your region hyperlink in the first paragraph).

Mitigating Factors:

  • Customers who have installed the MS08-067 security update are not affected by this vulnerability.
  • Windows 2000, Windows XP and Windows Server 2003 systems are primarily at risk from this vulnerability. Customers running these platforms should deploy MS08-067 as soon as possible.
  • While installation of the update is the recommended action, customers who have applied the workarounds as identified in MS08-067 will have minimized their exposure and potential exploitability against an attack.

General Information

Overview

Purpose of Advisory: Notification of the availability of a security update to help protect against this potential threat.

Advisory Status: As this issue is already addressed as part of the MS08-067 security bulletin, no additional update is required.

Recommendation: Install the MS08-067 security update to help protect against this vulnerability.

ReferencesIdentification
CVE ReferenceCVE-2008-4250
Microsoft Knowledge Base Article958963
Microsoft Security BulletinMS08-067
CERT ReferenceVU#827267

This advisory discusses the following software.

Related Software
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems

Frequently Asked Questions

What is the scope of the advisory?
Microsoft is aware of public posting of exploit code targeting the vulnerability identified in Microsoft Security Update MS08-067. This affects the software that is listed in the Overview section.

Is this a security vulnerability that requires Microsoft to issue a security update?
Microsoft addressed this security vulnerability in MS08-067. Customers who have installed the MS08-067 security update are not affected by this vulnerability. No additional update is required.

What causes the vulnerability?
The Server service does not properly handle specially crafted RPC requests.

What might an attacker use the vulnerability to do?
An attacker could exploit this vulnerability over RPC without authentication to run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

What is the Server service?
The Server service provides RPC support, file and print support, and named pipe sharing over the network. The Server service allows the sharing of your local resources (such as disks and printers) so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC.

What is RPC?
Remote Procedure Call (RPC) is a protocol that a program can use to request a service from a program located on another computer in a network. RPC helps with interoperability because the program using RPC does not have to understand the network protocols that are supporting communication. In RPC, the requesting program is the client and the service-providing program is the server.

Are there any known issues with installing the Microsoft Security Update that protects against this threat?
No. Microsoft continues to encourage customers to install the update immediately.

Suggested Actions

If you have installed the update released with Security Bulletin MS08-067, you are already protected from the attack identified in the publicly posted proof of concept code. If you have not installed the update, you are encouraged to apply the workarounds identified in MS08-067.

  • Protect Your PC

    We continue to encourage customers to follow our Protect Your Computer guidance of enabling a firewall, getting software updates and installing antivirus software. Customers can learn more about these steps by visiting Protect Your Computer.

  • Keep Windows Updated

    All Windows users should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit Windows Update, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them.

  • Apply workarounds listed in the Microsoft Bulletin

    Security Bulletin MS08-067 lists the applicable workarounds that can be used to protect systems from this vulnerability.

Original Source

Url : http://www.microsoft.com/technet/security/advisory/958963.mspx

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6093
 
Oval ID: oval:org.mitre.oval:def:6093
Title: Server Service Vulnerability
Description: The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4250
 Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1
Os 6
Os 3
Os 4
Os 4

SAINT Exploits

Description Link
Windows Server Service buffer overflow MS08-067 More info here

OpenVAS Exploits

Date Description
2009-04-17 Name : Conficker Detection
File : nvt/conficker.nasl
2008-10-30 Name : Vulnerability in Server Service Could Allow Remote Code Execution (958644)
File : nvt/secpod_ms08-067_900056.nasl
2008-10-24 Name : Server Service Could Allow Remote Code Execution Vulnerability (958644)
File : nvt/secpod_ms08-067_900055.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
49243 Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Rem...

Microsoft Windows Server Service contains a flaw that may allow a malicious user to remotely execute arbitrary code. The issue is triggered when a crafted RPC request is handled. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.

Information Assurance Vulnerability Management (IAVM)

Date Description
2008-10-23 IAVM : 2008-A-0081 - Microsoft Server Service Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0017870

Snort® IPS/IDS

Date Description
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode overflow attempt
RuleID : 15068 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode object call overflow ...
RuleID : 15067 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian overflo...
RuleID : 15066 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian object ...
RuleID : 15065 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian andx ov...
RuleID : 15064 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian andx ob...
RuleID : 15063 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode andx overflow attempt
RuleID : 15062 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode andx object call over...
RuleID : 15061 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt
RuleID : 15060 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel object call overflow attempt
RuleID : 15059 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian overflow attempt
RuleID : 15058 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian object call ove...
RuleID : 15057 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian andx overflow a...
RuleID : 15056 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian andx object cal...
RuleID : 15055 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel andx overflow attempt
RuleID : 15054 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel andx object call overflow att...
RuleID : 15053 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode overflow at...
RuleID : 15052 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode object call...
RuleID : 15051 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little endi...
RuleID : 15050 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little endi...
RuleID : 15049 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little endi...
RuleID : 15048 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little endi...
RuleID : 15047 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode andx overfl...
RuleID : 15046 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode andx object...
RuleID : 15045 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX overflow attempt
RuleID : 15044 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX object call overflo...
RuleID : 15043 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian overf...
RuleID : 15042 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian objec...
RuleID : 15041 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian andx ...
RuleID : 15040 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian andx ...
RuleID : 15039 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX andx overflow attempt
RuleID : 15038 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX andx object call ov...
RuleID : 15037 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode overflow attempt
RuleID : 15036 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian over...
RuleID : 15035 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode little endian andx...
RuleID : 15034 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel unicode andx overflow attempt
RuleID : 15033 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt
RuleID : 15032 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian overflow att...
RuleID : 15031 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian andx overflo...
RuleID : 15030 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel andx overflow attempt
RuleID : 15029 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode overflow...
RuleID : 15028 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little e...
RuleID : 15027 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode little e...
RuleID : 15026 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX unicode andx ove...
RuleID : 15025 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX overflow attempt
RuleID : 15024 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian ov...
RuleID : 15023 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX little endian an...
RuleID : 15022 - Revision : 5 - Type : NETBIOS
2015-05-28 SMB v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel WriteAndX andx overflow at...
RuleID : 15021 - Revision : 5 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt
RuleID : 15020 - Revision : 5 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel object call o...
RuleID : 15019 - Revision : 5 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian...
RuleID : 15018 - Revision : 5 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel little endian...
RuleID : 15017 - Revision : 5 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP v4 wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow a...
RuleID : 15016 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt
RuleID : 15015 - Revision : 17 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicali...
RuleID : 14896 - Revision : 9 - Type : OS-WINDOWS
2015-05-28 DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize little endian object call pa...
RuleID : 14895 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize little endian object call pa...
RuleID : 14894 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP srvsvc NetrpPathCanonicalize little endian object call path...
RuleID : 14893 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize object call path canonicaliz...
RuleID : 14892 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize object call path canonicaliz...
RuleID : 14891 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP srvsvc NetrpPathCanonicalize object call path canonicalizat...
RuleID : 14890 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize little endian path canonical...
RuleID : 14889 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize little endian path canonical...
RuleID : 14888 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP srvsvc NetrpPathCanonicalize little endian path canonicaliz...
RuleID : 14887 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack ...
RuleID : 14886 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack ...
RuleID : 14885 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP srvsvc NetrpPathCanonicalize path canonicalization stack ov...
RuleID : 14884 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP v4 srvsvc NetrpPathCanonicalize path canonicalization sta...
RuleID : 14883 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCADG-IP-UDP v4 srvsvc NetrpPathCanonicalize little endian path canoni...
RuleID : 14882 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCACN-IP-TCP v4 srvsvc NetrpPathCanonicalize little endian path canoni...
RuleID : 14881 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP v4 srvsvc NetrpPathCanonicalize little endian path canonica...
RuleID : 14880 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC NCADG-IP-UDP v4 srvsvc NetrpPathCanonicalize path canonicalization sta...
RuleID : 14879 - Revision : 9 - Type : NETBIOS
2015-05-28 DCERPC DIRECT-UDP v4 srvsvc NetrpPathCanonicalize path canonicalization stack...
RuleID : 14878 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode little endian andx path canonical...
RuleID : 14877 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx object ...
RuleID : 14876 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian andx object call path canonica...
RuleID : 14875 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize andx object call path canonicalization stack...
RuleID : 14874 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode andx object call path cano...
RuleID : 14873 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian andx object call pat...
RuleID : 14872 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian andx object call pat...
RuleID : 14871 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian andx object call path canonica...
RuleID : 14870 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx object ...
RuleID : 14869 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode andx object call path cano...
RuleID : 14868 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX andx object call path canonicaliza...
RuleID : 14867 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode andx object call path canonicalizati...
RuleID : 14866 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx path...
RuleID : 14865 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode andx path canonicalization stack ove...
RuleID : 14864 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian andx object call path ...
RuleID : 14863 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode andx object call path canonicalizati...
RuleID : 14862 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian andx object call path ...
RuleID : 14861 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian andx path canonicalization sta...
RuleID : 14860 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize andx path canonicalization stack overflow at...
RuleID : 14859 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx path ca...
RuleID : 14858 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode andx path canonicalization...
RuleID : 14857 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX andx path canonicalization stack o...
RuleID : 14856 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian andx path canonicalization sta...
RuleID : 14855 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian andx path canonicali...
RuleID : 14854 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian andx path canonicali...
RuleID : 14853 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX andx path canonicalization stac...
RuleID : 14852 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode andx path canonicalization stack ...
RuleID : 14851 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX little endian andx path canonic...
RuleID : 14850 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian andx path canonicaliza...
RuleID : 14849 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize andx path canonicalization stack overflow...
RuleID : 14848 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize andx path canonicalization stack overflow at...
RuleID : 14847 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX andx path canonicalization stack o...
RuleID : 14846 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian andx path canonicaliza...
RuleID : 14845 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode andx path canonicalizat...
RuleID : 14844 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode andx path canonicalization stack ove...
RuleID : 14843 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX andx object call path canonicaliza...
RuleID : 14842 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize andx object call path canonicalization stack...
RuleID : 14841 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx path ca...
RuleID : 14840 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize little endian andx path canonicalization ...
RuleID : 14839 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize little endian andx path canonicalization ...
RuleID : 14838 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX andx path canonicalization stac...
RuleID : 14837 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode andx path canonicalization...
RuleID : 14836 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode andx path canonicalizat...
RuleID : 14835 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode little endian andx path canonical...
RuleID : 14834 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX little endian andx path canonic...
RuleID : 14833 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize andx path canonicalization stack overflow...
RuleID : 14832 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode andx path canonicalization stack ...
RuleID : 14831 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode little endian andx path...
RuleID : 14830 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode little endian path canonicalizati...
RuleID : 14829 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian object call ...
RuleID : 14828 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian object call path canonicalizat...
RuleID : 14827 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize object call path canonicalization stack over...
RuleID : 14826 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode object call path canonical...
RuleID : 14825 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian object call path can...
RuleID : 14824 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian object call path can...
RuleID : 14823 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian object call path canonicalizat...
RuleID : 14822 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian object call ...
RuleID : 14821 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode object call path canonical...
RuleID : 14820 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX object call path canonicalization ...
RuleID : 14819 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode object call path canonicalization st...
RuleID : 14818 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode little endian path cano...
RuleID : 14817 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode path canonicalization stack overflow...
RuleID : 14816 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian object call path canon...
RuleID : 14815 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode object call path canonicalization st...
RuleID : 14814 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian object call path canon...
RuleID : 14813 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian path canonicalization stack ov...
RuleID : 14812 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt
RuleID : 14811 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian path canonic...
RuleID : 14810 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode path canonicalization stac...
RuleID : 14809 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX path canonicalization stack overfl...
RuleID : 14808 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize little endian path canonicalization stack ov...
RuleID : 14807 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian path canonicalizatio...
RuleID : 14806 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX little endian path canonicalizatio...
RuleID : 14805 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX path canonicalization stack ove...
RuleID : 14804 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode path canonicalization stack overf...
RuleID : 14803 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX little endian path canonicaliza...
RuleID : 14802 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian path canonicalization ...
RuleID : 14801 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt
RuleID : 14800 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt
RuleID : 14799 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX path canonicalization stack overfl...
RuleID : 14798 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode little endian path canonicalization ...
RuleID : 14797 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode path canonicalization s...
RuleID : 14796 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize unicode path canonicalization stack overflow...
RuleID : 14795 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX object call path canonicalization ...
RuleID : 14794 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize object call path canonicalization stack over...
RuleID : 14793 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode little endian path canonic...
RuleID : 14792 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize little endian path canonicalization stack...
RuleID : 14791 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize little endian path canonicalization stack...
RuleID : 14790 - Revision : 9 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX path canonicalization stack ove...
RuleID : 14789 - Revision : 9 - Type : NETBIOS
2015-05-28 SMB srvsvc NetrpPathCanonicalize WriteAndX unicode path canonicalization stac...
RuleID : 14788 - Revision : 10 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX unicode path canonicalization s...
RuleID : 14787 - Revision : 10 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize unicode little endian path canonicalizati...
RuleID : 14786 - Revision : 10 - Type : NETBIOS-DG
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize WriteAndX little endian path canonicaliza...
RuleID : 14785 - Revision : 10 - Type : NETBIOS
2015-05-28 SMB v4 srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt
RuleID : 14784 - Revision : 10 - Type : NETBIOS-DG
2014-01-10 DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack ...
RuleID : 14783 - Revision : 17 - Type : OS-WINDOWS
2014-01-10 DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack ...
RuleID : 14782 - Revision : 21 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2008-10-23 Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_kb958644.nasl - Type : ACT_GATHER_INFO
2008-10-23 Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms08-067.nasl - Type : ACT_GATHER_INFO