49243 : Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution
Printer | http://osvdb.org/49243 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
66	12432	over 4 years ago	16 days ago	72 times	100%

Timeline

Disclosure Date
2008-10-23

Description

Microsoft Windows Server Service contains a flaw that may allow a malicious user to remotely execute arbitrary code. The issue is triggered when a crafted RPC request is handled. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial, Virus / Malware, Exploit Wormified
Disclosure: Vendor Verified, Uncoordinated Disclosure, Discovered in the Wild

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows XP	SP3
	Windows XP	SP2
	Windows Vista	SP1
	Windows Vista	SP0
	Windows Server 2008	SP0
	Windows Server 2003	SP2
		SP0
		SP1
	Windows 2000	SP4
	Windows XP Professional 64-bit Edition	SP2
	Windows XP Professional 64-bit Edition	SP0

References

CVE ID: 2008-4250 (see also: NVD)
Bugtraq ID: 31874
Secunia Advisory ID: 32326
SCIP VulDB ID: 3860
ISS X-Force ID: 46040
Metasploit ID: 49243
Milw0rm: 6824 7104 7132
Exploit Database: 6824 7104 7132
CERT VU: 827267
VUPEN Advisory: ADV-2008-2902
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-11/0006.html
http://archives.neohapsis.com/archives/bugtraq/2008-11/0104.html
http://archives.neohapsis.com/archives/bugtraq/2008-11/0124.html
http://archives.neohapsis.com/archives/dailydave/2008-q4/0033.html
http://seclists.org/fulldisclosure/2010/Jan/613
Other Advisory URL: http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html
http://blogs.securiteam.com/index.php/archives/1150
http://blogs.securiteam.com/index.php/archives/1150
http://securitylabs.websense.com/content/Alerts/3218.aspx
http://www.f-secure.com/weblog/archives/00001526.html
http://www.phreedom.org/blog/2008/decompiling-ms08-067/
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2
http://www.symantec.com/security_response/threatconlearn.jsp
Vendor Specific News/Changelog Entry: http://blogs.technet.com/msrc/archive/2008/10/22/advance-notification-for-out-of-band-release.aspx
http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032393978
http://www.phreedom.org/blog/2008/decompiling-ms08-067/
News Article: http://blogs.technet.com/msrc/archive/2008/10/23/ms08-067-released.aspx
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=212000278
http://www.pcworld.com/businesscenter/article/152665/microsoft_to_rush_out_emergency_windows_patch.html
http://www.theregister.co.uk/2008/10/23/emergency_windows_update/
Generic Exploit URL: http://immunitysec.com
http://www.saintcorporation.com/cgi-bin/exploit_info/windows_server_service_ms08067
http://www.securiteam.com/exploits/6W00L15MUQ.html
Vendor Specific Advisory URL: http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-03-300&viewMode=view [ Auth Req'd ]
Vendor URL: http://www.microsoft.com/en-us/default.aspx
Microsoft Knowledge Base Article: KB958644
Microsoft Security Bulletin: MS08-067

Tools & Filters

Snort	14896 3-14782
	34476 34477
	ms08_067

Credit

Not Available

CVSSv2 Score

CVSSv2 Base Score = 10.0
Source: nvd.nist.gov | Generated: 2008-10-24 | Disagree?

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Timeline

Description

Classification

Solution

Products

Microsoft Corporation

Windows XP

Windows Vista

Windows Server 2008

Windows Server 2003

Windows 2000

Windows XP Professional 64-bit Edition

References

Tools & Filters

Credit

CVSSv2 Score

Comments