This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2009-11-11
Product Windows Server 2008 Last view 2012-02-17
Version - Type Os
Update gold  
Edition itanium  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2008

Activity : Overall

Related : CVE

  Date Alert Description
6.4 2012-02-17 CVE-2012-1194

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

9.3 2010-07-22 CVE-2010-2568

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.

7.8 2010-02-10 CVE-2010-0242

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability."

10 2010-02-10 CVE-2010-0241

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route Information Vulnerability."

10 2010-02-10 CVE-2010-0240

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "Header MDL Fragmentation Vulnerability."

10 2010-02-10 CVE-2010-0239

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Router Advertisement Vulnerability."

9.3 2009-11-11 CVE-2009-2514

win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka "Win32k EOT Parsing Vulnerability."

7.2 2009-11-11 CVE-2009-2513

The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient Data Validation Vulnerability."

7.8 2009-11-11 CVE-2009-1928

Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via a malformed (1) LDAP or (2) LDAPS request, aka "LSASS Recursive Stack Overflow Vulnerability."

7.2 2009-11-11 CVE-2009-1127

win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k NULL Pointer Dereferencing Vulnerability."

CWE : Common Weakness Enumeration

%idName
44% (4) CWE-94 Failure to Control Generation of Code ('Code Injection')
33% (3) CWE-20 Improper Input Validation
22% (2) CWE-399 Resource Management Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

SAINT Exploits

Description Link
Windows Shell LNK file CONTROL item command execution More info here

Open Source Vulnerability Database (OSVDB)

id Description
66387 Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
62250 Microsoft Windows TCP/IP Stack ICMPv6 Router Advertisement Packet Handling Re...
62249 Microsoft Windows TCP/IP Stack ESP Over UDP Header MDL Fragmentation Remote C...
62248 Microsoft Windows TCP/IP Stack ICMPv6 Route Information Packet Handling Remot...
62247 Microsoft Windows TCP/IP Selective Acknowledgment (SACK) Value Handling Remot...
59869 Microsoft Windows Win32k Table of Directory Entry Building Font Code Parsing ...
59868 Microsoft Windows Win32k GDI Kernel Component Unspecified Local Privilege Esc...
59867 Microsoft Windows Win32k Unspecified Kernel System Call Local Privilege Escal...
59856 Microsoft Windows Active Directory Malformed LDAP Request Stack Exhaustion Re...

OpenVAS Exploits

id Description
2010-11-25 Name : Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
File : nvt/gb_ms10-009.nasl
2010-08-04 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
File : nvt/secpod_ms10-046.nasl
2009-11-12 Name : Microsoft Windows Active Directory Denial of Service Vulnerability (973309)
File : nvt/secpod_ms09-066.nasl
2009-11-11 Name : Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
File : nvt/secpod_ms09-065.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0030 Multiple Vulnerabilities in Microsoft Windows TCP/IP
Severity: Category I - VMSKEY: V0022684

Snort® IPS/IDS

Date Description
2015-07-13 Win.Trojan.Fanny outbound connection
RuleID : 34857 - Type : MALWARE-CNC - Revision : 2
2014-01-10 DNS request for known malware domain level4-co1-as30912.su
RuleID : 28067 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain level4-co2-as30938.su
RuleID : 28066 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain x2v9.com
RuleID : 28065 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain intelbackupsrv.su
RuleID : 28064 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain intelsystems.su
RuleID : 28063 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain intelsecurity.su
RuleID : 28062 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain intelcore.su
RuleID : 28061 - Type : BLACKLIST - Revision : 2
2014-01-10 Microsoft LNK shortcut arbitrary dll load attempt
RuleID : 24500 - Type : FILE-OTHER - Revision : 6
2014-01-10 Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt
RuleID : 24487 - Type : FILE-PDF - Revision : 9
2014-01-10 Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt
RuleID : 24486 - Type : FILE-PDF - Revision : 8
2014-01-10 Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt
RuleID : 24485 - Type : FILE-PDF - Revision : 8
2014-01-10 Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt
RuleID : 23508 - Type : FILE-PDF - Revision : 5
2014-01-10 Microsoft LNK shortcut download attempt
RuleID : 19291 - Type : NETBIOS - Revision : 4
2014-01-10 Microsoft LNK shortcut arbitary dll load attempt
RuleID : 19290 - Type : FILE-OTHER - Revision : 9
2014-01-10 Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buff...
RuleID : 18249 - Type : PROTOCOL-ICMP - Revision : 6
2014-01-10 Microsoft Windows PIF shortcut file download request
RuleID : 17043 - Type : FILE-IDENTIFY - Revision : 9
2014-01-10 Microsoft LNK shortcut arbitrary dll load attempt
RuleID : 17042 - Type : FILE-OTHER - Revision : 17
2014-01-10 Microsoft Windows TCP SACK invalid range denial of service attempt
RuleID : 16408 - Type : OS-WINDOWS - Revision : 13
2014-01-10 Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buf...
RuleID : 16405 - Type : PROTOCOL-ICMP - Revision : 6
2014-01-10 Microsoft Active Directory NTDSA stack space exhaustion attempt
RuleID : 16237 - Type : SERVER-OTHER - Revision : 8
2014-01-10 Windows TrueType font file parsing integer overflow attempt
RuleID : 16232 - Type : OS-WINDOWS - Revision : 9
2014-01-10 Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt
RuleID : 16231 - Type : FILE-PDF - Revision : 22

Nessus® Vulnerability Scanner

id Description
2010-08-02 Name: The remote windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms10-046.nasl - Type: ACT_GATHER_INFO
2010-07-18 Name: It may be possible to execute arbitrary code on the remote Windows host using...
File: smb_kb_2286198.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The remote host has multiple vulnerabilities in its TCP/IP implementation.
File: smb_nt_ms10-009.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The remote Windows kernel is affected by remote privilege escalation vulnerab...
File: smb_nt_ms09-065.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The installed version of Active Directory is affected by a denial of service ...
File: smb_nt_ms09-066.nasl - Type: ACT_GATHER_INFO