Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-4250
Description:The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre- Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
Test IDs: 1.3.6.1.4.1.25623.1.0.900091   1.3.6.1.4.1.25623.1.0.900055   1.3.6.1.4.1.25623.1.0.900056   1.3.6.1.4.1.25623.1.0.108779  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-4250
BugTraq ID: 31874
http://www.securityfocus.com/bid/31874
Bugtraq: 20081026 Windows RPC MS08-067 FAQ document released (Google Search)
http://www.securityfocus.com/archive/1/497808/100/0/threaded
Bugtraq: 20081027 Windows RPC MS08-067 FAQ document updated (Google Search)
http://www.securityfocus.com/archive/1/497816/100/0/threaded
Cert/CC Advisory: TA08-297A
http://www.us-cert.gov/cas/techalerts/TA08-297A.html
Cert/CC Advisory: TA09-088A
http://www.us-cert.gov/cas/techalerts/TA09-088A.html
CERT/CC vulnerability note: VU#827267
http://www.kb.cert.org/vuls/id/827267
https://www.exploit-db.com/exploits/6824
https://www.exploit-db.com/exploits/6841
https://www.exploit-db.com/exploits/7104
https://www.exploit-db.com/exploits/7132
HPdes Security Advisory: HPSBST02386
http://marc.info/?l=bugtraq&m=122703006921213&w=2
HPdes Security Advisory: SSRT080164
http://marc.info/?l=bugtraq&m=122703006921213&w=2
http://blogs.securiteam.com/index.php/archives/1150
Microsoft Security Bulletin: MS08-067
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093
http://www.securitytracker.com/id?1021091
http://secunia.com/advisories/32326
http://www.vupen.com/english/advisories/2008/2902
XForce ISS Database: win-server-rpc-code-execution(46040)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46040




© 1998-2024 E-Soft Inc. All rights reserved.