Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA08-008A | First vendor Publication | 2008-01-08 |
Vendor | US-CERT | Last vendor Modification | 2008-01-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, gain elevated privileges, or crash a vulnerable system. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows as part of the Microsoft Security Bulletin Summary for January 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the January 2008 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-008A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5271 | |||
Oval ID: | oval:org.mitre.oval:def:5271 | ||
Title: | Windows Kernel TCP/IP/ICMP Vulnerability | ||
Description: | The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0066 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5370 | |||
Oval ID: | oval:org.mitre.oval:def:5370 | ||
Title: | Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability | ||
Description: | Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0069 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5408 | |||
Oval ID: | oval:org.mitre.oval:def:5408 | ||
Title: | LSASS Bypass Vulnerability | ||
Description: | Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows local users to gain privileges via a crafted local procedure call (LPC) request. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-5352 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-01-13 | Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities (941644) File : nvt/gb_ms08-001.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40071 | Microsoft Windows LSASS Crafted LPC Request Local Privilege Escalation Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to an error in Local Security Authority Subsystem Service (LSASS). This flaw may lead to a loss of integrity. |
40070 | Microsoft Windows TCP/IP IGMPv3 / MLDv2 Packet Handling Remote Code Execution A buffer overflow exists in Windows. The TCP/IP implementation fails to validate IGMPv3 and MLDv2 packets resulting in a buffer overflow. With a specially crafted packet, a remote attacker can cause arbtrary code execution resulting in a loss of integrity. |
40069 | Microsoft Windows TCP/IP ICMP RDP Packet Handling Remote DoS Windows contains a flaw that may allow a remote denial of service. The issue is triggered when handling fragmented router advertisement ICMP queries, and will result in loss of availability for the platform. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows remote kernel tcp/ip icmp vulnerability exploit attempt RuleID : 13288 - Revision : 15 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows remote kernel tcp/ip igmp vulnerability exploit attempt RuleID : 13287 - Revision : 13 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-01-08 | Name : It is possible to execute code on the remote host. File : smb_nt_ms08-001.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : Local users can elevate their privileges on the remote host. File : smb_nt_ms08-002.nasl - Type : ACT_GATHER_INFO |