Executive Summary
Summary | |
---|---|
Title | Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155) |
Information | |||
---|---|---|---|
Name | MS08-062 | First vendor Publication | 2008-10-14 |
Vendor | Microsoft | Last vendor Modification | 2008-10-29 |
Severity (Vendor) | Important | Revision | 2.2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 8 | Authentication | Requires single instance |
Detail
Revision Note: V2.2 (October 29, 2008): Revised entries in the section, Frequently Asked Questions (FAQ) Related to This Security Update, and in the Microsoft Baseline Security Analyzer (MBSA) and Systems Management Server (SMS) detection and deployment tables in the section, Detection and Deployment Tools and Guidance, to notify customers that the update packages for Windows Server 2008 for Itanium-based Systems and all supported editions of Windows Vista have now been made available on Windows Update, Microsoft Update, Windows Software Update Services (WSUS), Systems Management Server, and System Center Configuration Manager.

Summary: This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS08-062.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5764 | |||
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:5764 | ||
Title: | Integer Overflow in IPP Service Vulnerability | ||
Description: | Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1446 | Version: | 4 |
Platform(s): | Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2008-10-15 | Name : Windows Internet Printing Service Allow Remote Code Execution Vulnerability (... File : nvt/secpod_ms08-062_900052.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49059 | Microsoft IIS IPP Service Unspecified Remote Overflow |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-10-16 | IAVM : 2008-B-0075 - Microsoft Internet Printing Service Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0017793 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | SMB spoolss EnumJobs response WriteAndX unicode andx attempt RuleID : 14724 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX andx attempt RuleID : 14723 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response unicode andx attempt RuleID : 14722 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response andx attempt RuleID : 14721 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX little endian andx attempt RuleID : 14720 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response little endian andx attempt RuleID : 14719 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response unicode little endian andx attempt RuleID : 14718 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX unicode little endian andx attempt RuleID : 14717 - Revision : 12 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX unicode attempt RuleID : 14716 - Revision : 10 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX attempt RuleID : 14715 - Revision : 10 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response unicode attempt RuleID : 14714 - Revision : 10 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response attempt RuleID : 14713 - Revision : 10 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX little endian attempt RuleID : 14712 - Revision : 10 - Type : NETBIOS |
2014-01-10 | SMB spoolss EnumJobs response little endian attempt RuleID : 14711 - Revision : 10 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP spoolss EnumJobs attempt RuleID : 14710 - Revision : 20 - Type : OS-WINDOWS |
2014-01-10 | SMB spoolss EnumJobs response WriteAndX unicode little endian attempt RuleID : 14709 - Revision : 10 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP spoolss EnumJobs attempt RuleID : 14661 - Revision : 17 - Type : NETBIOS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-04-03 | Name : The remote web server may allow remote code execution. File : iis_7_pci.nasl - Type : ACT_GATHER_INFO |
2008-10-15 | Name : It is possible to execute arbitrary code on the remote host via the internet ... File : smb_nt_ms08-062.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:46:05 | |
2014-01-19 21:30:15 | |
2013-11-11 12:41:09 | |
2013-05-11 00:49:23 | |