Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Message Queuing Could Allow Remote Code Execution (951071) |
| Informations | |||
|---|---|---|---|
| Name | MS08-065 | First vendor Publication | 2008-10-14 |
| Vendor | Microsoft | Last vendor Modification | 2008-10-15 |
| Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.1 (October 15, 2008): Added a link in the Affected Software table to MS07-065, the bulletin replaced by this update.Summary: This security update resolves a privately reported vulnerability in the Message Queuing Service (MSMQ) on Microsoft Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS08-065.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5998 | |||
| Oval ID: | oval:org.mitre.oval:def:5998 | ||
| Title: | Messaging Queue Service Remote Code Execution Vulnerability | ||
| Description: | Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-3479 | Version: | 1 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-06-09 | Name : Message Queuing Remote Code Execution Vulnerability (951071) - Remote File : nvt/secpod_ms08-065_remote.nasl |
| 2008-10-15 | Name : Message Queuing Remote Code Execution Vulnerability (951071) File : nvt/secpod_ms08-065_900224.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 49060 | Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Ex... A buffer overflow exists in Windows. The Message Queuing Service fails to validate RPC calls resulting in a heap buffer overflow. With a specially crafted RPC call, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2008-10-16 | IAVM : 2008-T-0056 - Microsoft Message Queuing Service Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0017781 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2015-05-28 | DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName object call overflow attempt RuleID : 14736 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName little endian object call overf... RuleID : 14735 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName little endian object call overf... RuleID : 14734 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName object call overflow attempt RuleID : 14733 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt RuleID : 14732 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCACN-IP-TCP v4 mqqm QMGetRemoteQueueName overflow attempt RuleID : 14731 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCACN-IP-TCP v4 mqqm QMGetRemoteQueueName little endian overflow attempt RuleID : 14730 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCADG-IP-UDP v4 mqqm QMGetRemoteQueueName little endian overflow attempt RuleID : 14729 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName little endian overflow attempt RuleID : 14728 - Revision : 6 - Type : NETBIOS |
| 2015-05-28 | DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName little endian overflow attempt RuleID : 14727 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt RuleID : 14726 - Revision : 13 - Type : OS-WINDOWS |
| 2014-01-10 | DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt RuleID : 14725 - Revision : 17 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-10-15 | Name : Arbitrary code can be executed on the remote host. File : smb_kb951071.nasl - Type : ACT_GATHER_INFO |
| 2008-10-15 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms08-065.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2015-05-28 21:26:35 |
|
| 2014-02-17 11:46:06 |
|
| 2014-01-19 21:30:15 |
|
| 2013-11-11 12:41:09 |
|
| 2013-05-11 00:49:23 |
|
