Microsoft Windows code execution
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Microsoft Windows code execution
updated since 24.10.2008
Published:
04.11.2008
Source:
MICROSOFT
SecurityVulns ID:
9380
Type:
remote
Level:
10
/10
Description:
It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445. Reccomendation is to disable browser service.
Affected:
MICROSOFT
:
Windows 2000 Server
MICROSOFT
:
Windows 2000 Professional
MICROSOFT
:
Windows XP
MICROSOFT
:
Windows 2003 Server
MICROSOFT
:
Windows Vista
MICROSOFT
:
Windows 2008 Server
CVE:
CVE-2008-4250
Original document
Juha-Matti Laurio
,
Windows RPC worm (MS08-067) in the wild
(
04.11.2008
)
MICROSOFT
,
Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644)
(
24.10.2008
)
CERT
,
US-CERT Technical Cyber Security Alert TA08-297A -- Microsoft Windows Server Service RPC Vulnerability
(
24.10.2008
)
Files:
MS08-067 PoC (by stephen lawler)
MS08-067 Exploit by Debasis Mohanty
Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
