This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2008-07-08
Product Windows Server 2003 Last view 2008-10-14
Version * Type Os
Update sp1  
Edition x64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2003

Activity : Overall

Related : CVE

  Date Alert Description
10 2008-10-14 CVE-2008-4038

Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."

7.2 2008-10-14 CVE-2008-4036

Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability."

7.2 2008-10-14 CVE-2008-2251

Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception Vulnerability." NOTE: according to Microsoft, this is not a duplicate of CVE-2008-4510.

7.2 2008-10-14 CVE-2008-2250

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Window Creation Vulnerability."

9 2008-10-14 CVE-2008-1446

Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."

9.4 2008-07-08 CVE-2008-1454

Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.

CWE : Common Weakness Enumeration

%idName
40% (2) CWE-189 Numeric Errors
20% (1) CWE-399 Resource Management Errors
20% (1) CWE-264 Permissions, Privileges, and Access Controls
20% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
49059 Microsoft IIS IPP Service Unspecified Remote Overflow
49057 Microsoft Windows SMB File Name Handling Remote Underflow
49055 Microsoft Windows Kernel New Window Creation Process Arbitrary Code Execution
49054 Microsoft Windows Kernel Double-free Unspecified Local Privilege Escalation
49053 Microsoft Windows Virtual Address Descriptors (VAD) Local Privilege Escalation
46778 Microsoft Windows DNS Query ID Field Prediction Cache Poisoning

OpenVAS Exploits

id Description
2008-10-15 Name : Windows Kernel Elevation of Privilege Vulnerability (954211)
File : nvt/secpod_ms08-061_900051.nasl
2008-10-15 Name : Windows Internet Printing Service Allow Remote Code Execution Vulnerability (...
File : nvt/secpod_ms08-062_900052.nasl
2008-10-15 Name : SMB Remote Code Execution Vulnerability (957095)
File : nvt/secpod_ms08-063_900053.nasl
2008-10-15 Name : Virtual Address Descriptor Manipulation Elevation of Privilege Vulnerability ...
File : nvt/secpod_ms08-064_900225.nasl
2008-08-22 Name : Vulnerabilities in DNS Could Allow Spoofing (953230)
File : nvt/secpod_ms08-037_900005.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-B-0075 Microsoft Internet Printing Service Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0017793

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt
RuleID : 21529 - Type : OS-WINDOWS - Revision : 9
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode andx attempt
RuleID : 14724 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX andx attempt
RuleID : 14723 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response unicode andx attempt
RuleID : 14722 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response andx attempt
RuleID : 14721 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX little endian andx attempt
RuleID : 14720 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response little endian andx attempt
RuleID : 14719 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response unicode little endian andx attempt
RuleID : 14718 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode little endian andx attempt
RuleID : 14717 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode attempt
RuleID : 14716 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response WriteAndX attempt
RuleID : 14715 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response unicode attempt
RuleID : 14714 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response attempt
RuleID : 14713 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response WriteAndX little endian attempt
RuleID : 14712 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response little endian attempt
RuleID : 14711 - Type : NETBIOS - Revision : 10
2014-01-10 DCERPC NCACN-IP-TCP spoolss EnumJobs attempt
RuleID : 14710 - Type : OS-WINDOWS - Revision : 20
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode little endian attempt
RuleID : 14709 - Type : NETBIOS - Revision : 10
2014-01-10 DCERPC NCACN-IP-TCP spoolss EnumJobs attempt
RuleID : 14661 - Type : NETBIOS - Revision : 17
2014-01-10 Microsoft Windows SMB Search unicode andx Search filename size integer underf...
RuleID : 14654 - Type : OS-WINDOWS - Revision : 14
2014-01-10 Microsoft Windows SMB Search andx Search filename size integer underflow attempt
RuleID : 14653 - Type : OS-WINDOWS - Revision : 14
2014-01-10 Microsoft Windows SMB Search unicode andx Search filename size integer underf...
RuleID : 14652 - Type : OS-WINDOWS - Revision : 11
2014-01-10 Microsoft Windows SMB Search andx Search filename size integer underflow attempt
RuleID : 14651 - Type : OS-WINDOWS - Revision : 11
2014-01-10 Microsoft Windows SMB Search unicode Search filename size integer underflow a...
RuleID : 14650 - Type : OS-WINDOWS - Revision : 12
2014-01-10 Microsoft Windows SMB Search Search filename size integer underflow attempt
RuleID : 14649 - Type : OS-WINDOWS - Revision : 16
2014-01-10 Microsoft Windows SMB Search unicode Search filename size integer underflow a...
RuleID : 14648 - Type : OS-WINDOWS - Revision : 11

Nessus® Vulnerability Scanner

id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb951746.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: A local user can elevate his privileges on the remote host.
File: smb_nt_ms08-061.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: It is possible to execute arbitrary code on the remote host via the internet ...
File: smb_nt_ms08-062.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: It is possible to crash the remote host due to a flaw in the 'server' service.
File: smb_nt_ms08-063.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: A local user can elevate privileges on the remote host.
File: smb_nt_ms08-064.nasl - Type: ACT_GATHER_INFO
2008-07-08 Name: The remote host is vulnerable to DNS spoofing attacks.
File: smb_nt_ms08-037.nasl - Type: ACT_GATHER_INFO