Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2008-3464 | First vendor Publication | 2008-10-14 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3464 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-28 | Fuzzing |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-52 | Embedding NULL Bytes |
CAPEC-53 | Postfix, Null Terminate, and Backslash |
CAPEC-63 | Simple Script Injection |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-66 | SQL Injection |
CAPEC-67 | String Format Overflow in syslog() |
CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
CAPEC-72 | URL Encoding |
CAPEC-73 | User-Controlled Filename |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-80 | Using UTF-8 Encoding to Bypass Validation Logic |
CAPEC-81 | Web Logs Tampering |
CAPEC-83 | XPath Injection |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
CAPEC-88 | OS Command Injection |
CAPEC-91 | XSS in IMG Tags |
CAPEC-99 | XML Parser Attack |
CAPEC-101 | Server Side Include (SSI) Injection |
CAPEC-104 | Cross Zone Scripting |
CAPEC-106 | Cross Site Scripting through Log Files |
CAPEC-108 | Command Line Execution through SQL Injection |
CAPEC-109 | Object Relational Mapping Injection |
CAPEC-110 | SQL Injection through SOAP Parameter Tampering |
CAPEC-171 | Variable Manipulation |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5825 | |||
Oval ID: | oval:org.mitre.oval:def:5825 | ||
Title: | Messaging Queue Service Remote Code Execution Vulnerability | ||
Description: | afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3464 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2008-10-15 | MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin) |
OpenVAS Exploits
Date | Description |
---|---|
2008-10-15 | Name : Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956... File : nvt/secpod_ms08-066_900223.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49061 | Microsoft Windows Ancillary Function Driver (afd.sys) Local Privilege Escalation Windows contains a flaw that may allow a malicious local user to gain access to unauthorized privileges. The issue is triggered by a flaw in the Ancillary Function Driver (afs.sys), and may lead to a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-07-02 | IAVM : 2009-A-0049 - Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability Severity : Category I - VMSKEY : V0019589 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-10-15 | Name : A local user can elevate privileges on the remote host. File : smb_nt_ms08-066.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-11-28 23:13:16 |
|
2024-11-28 12:16:12 |
|
2021-05-04 12:07:52 |
|
2021-04-22 01:08:13 |
|
2020-05-23 00:22:03 |
|
2019-03-18 12:01:47 |
|
2018-10-13 00:22:42 |
|
2018-10-12 00:20:25 |
|
2017-09-29 09:23:39 |
|
2017-08-08 09:24:17 |
|
2016-04-26 17:42:07 |
|
2014-02-17 10:45:55 |
|
2013-11-11 12:38:00 |
|
2013-05-11 00:22:43 |
|