Executive Summary
Summary | |
---|---|
Title | Vulnerability in SMB Could Allow Remote Code Execution (957095) |
Informations | |||
---|---|---|---|
Name | MS08-063 | First vendor Publication | 2008-10-14 |
Vendor | Microsoft | Last vendor Modification | 2008-10-15 |
Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.1 (October 15, 2008): Bulletin updated to clarify that the updates for Windows Vista and Windows 2008 do not require a restart, and to correct the registry key verification entry for Windows XP.Summary: This security update resolves a privately reported vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS08-063.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5787 | |||
Oval ID: | oval:org.mitre.oval:def:5787 | ||
Title: | SMB Buffer Underflow Vulnerability | ||
Description: | Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-4038 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 4 | |
Os | 4 | |
Os | 4 | |
Os | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2008-10-15 | Name : SMB Remote Code Execution Vulnerability (957095) File : nvt/secpod_ms08-063_900053.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49057 | Microsoft Windows SMB File Name Handling Remote Underflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt RuleID : 21529 - Revision : 9 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search unicode andx Search filename size integer underf... RuleID : 14654 - Revision : 14 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search andx Search filename size integer underflow attempt RuleID : 14653 - Revision : 14 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search unicode andx Search filename size integer underf... RuleID : 14652 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search andx Search filename size integer underflow attempt RuleID : 14651 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search unicode Search filename size integer underflow a... RuleID : 14650 - Revision : 12 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search Search filename size integer underflow attempt RuleID : 14649 - Revision : 16 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search unicode Search filename size integer underflow a... RuleID : 14648 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB Search Search filename size integer underflow attempt RuleID : 14647 - Revision : 11 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-10-15 | Name : It is possible to crash the remote host due to a flaw in the 'server' service. File : smb_nt_ms08-063.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:05 |
|
2014-01-19 21:30:15 |
|
2013-05-11 00:49:23 |
|