Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Microsoft Windows code execution
updated since 24.10.2008
Published:04.11.2008
Source:MICROSOFT
SecurityVulns ID:9380
Type:remote
Level:10/10
Description:It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445. Reccomendation is to disable browser service.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability.")
Original documentdocumentJuha-Matti Laurio, Windows RPC worm (MS08-067) in the wild (04.11.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644) (24.10.2008)
 documentCERT, US-CERT Technical Cyber Security Alert TA08-297A -- Microsoft Windows Server Service RPC Vulnerability (24.10.2008)
Files:MS08-067 Exploit by Debasis Mohanty
 MS08-067 PoC (by stephen lawler)
 Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server