Vulnerability Name: CVE-2008-4250 (CCN-46040)
Assigned: 2008-10-23
Published: 2008-10-23
Updated: 2022-02-09
Summary: The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."

CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Changed
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High

CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
  8.3 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Complete
    Integrity (I): Complete
    Availability (A): Complete

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
  8.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Complete
    Integrity (I): Complete
    Availability (A): Complete

Vulnerability Type: CWE-94
Vulnerability Consequences: Gain Access

References:
Source: MISC  Type: Permissions Required
  http://blogs.securiteam.com/index.php/archives/1150
Source: MITRE  Type: CNA
  CVE-2008-4250
Source: HP  Type: Issue Tracking, Mailing List, Third Party Advisory
  SSRT080164
Source: CCN  Type: SA32326
  Microsoft Windows Server Service Vulnerability
Source: SECUNIA  Type: Patch, Vendor Advisory
  32326
Source: CCN  Type: SECTRACK ID: 1021091
  Windows Server Service RPC Processing Bug Lets Remote Users Execute Arbitrary Code
Source: CCN  Type: ASA-2008-427
  MS08-067 Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Source: CCN  Type: NORTEL BULLETIN ID: 2008009147, Rev 2
  Nortel Response to Microsoft Security Bulletin MS08-067
Source: CCN  Type: Microsoft Security Bulletin MS12-054
  Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)
Source: CCN  Type: Microsoft Security Bulletin MS16-087
  Security Update for the Microsoft Print Spooler (3170005)
Source: CCN  Type: US-CERT VU#827267
  Microsoft Server service RPC stack buffer overflow vulnerability
Source: CERT-VN  Type: Third Party Advisory, US Government Resource
  VU#827267
Source: CCN  Type: Microsoft Security Bulletin MS08-067
  Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Source: BUGTRAQ  Type: Third Party Advisory, VDB Entry
  20081026 Windows RPC MS08-067 FAQ document released
Source: BUGTRAQ  Type: Third Party Advisory, VDB Entry
  20081027 Windows RPC MS08-067 FAQ document updated
Source: BID  Type: Exploit, Patch, Third Party Advisory, VDB Entry
  31874
Source: CCN  Type: BID-31874
  Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability
Source: SECTRACK  Type: Third Party Advisory, VDB Entry
  1021091
Source: CERT  Type: Third Party Advisory, US Government Resource
  TA08-297A
Source: CERT  Type: Third Party Advisory, US Government Resource
  TA09-088A
Source: VUPEN  Type: Vendor Advisory
  ADV-2008-2902
Source: MS  Type: Patch, Vendor Advisory
  MS08-067
Source: XF  Type: Third Party Advisory, VDB Entry
  win-server-rpc-code-execution(46040)
Source: XF  Type: UNKNOWN
  win-server-rpc-code-execution(46040)
Source: CCN  Type: NMAP Web site
  File smb-vuln-conficker
Source: OVAL  Type: Third Party Advisory
  oval:org.mitre.oval:def:6093
Source: EXPLOIT-DB  Type: EXPLOIT
  Offensive Security Exploit Database [01-21-2011]
Source: EXPLOIT-DB  Type: Exploit, Third Party Advisory, VDB Entry
  6824
Source: EXPLOIT-DB  Type: Exploit, Third Party Advisory, VDB Entry
  6841
Source: EXPLOIT-DB  Type: Exploit, Third Party Advisory, VDB Entry
  7104
Source: EXPLOIT-DB  Type: Exploit, Third Party Advisory, VDB Entry
  7132

Vulnerable Configuration:
Configuration 1:
  cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:* OR
  cpe:/o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_server_2003:-:sp1:*:*:-:*:itanium:* OR
  cpe:/o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:* OR
  cpe:/o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR
  cpe:/o:microsoft:windows_vista:-:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_vista:-:*:*:*:*:*:x64:* OR
  cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_vista:-:sp1:*:*:-:*:x64:* OR
  cpe:/o:microsoft:windows_xp:-:-:*:*:professional:*:x64:* OR
  cpe:/o:microsoft:windows_xp:-:sp2:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:* OR
  cpe:/o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
Configuration CCN 1:
  cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:* OR
  cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:::x64:*:professional:*:*:* OR
  cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_vista:-:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows:server_2003:*:sp2:*:*:*:*:* OR
  cpe:/o:microsoft:windows:server_2003:*:sp2:*:*:*:itanium:* OR
  cpe:/o:microsoft:windows:server_2003:*:sp2:*:*:*:x64:* OR
  cpe:/o:microsoft:windows_vista:::~~~~x64~:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR
  cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR
  cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR
  cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

microsoft windows 2000 - sp4
microsoft windows server 2003 -
microsoft windows server 2003 - sp1
microsoft windows server 2003 - sp1
microsoft windows server 2003 - sp2
microsoft windows server 2003 - sp2
microsoft windows server 2003 - sp2
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows vista -
microsoft windows vista -
microsoft windows vista - sp1
microsoft windows vista - sp1
microsoft windows xp - -
microsoft windows xp - sp2
microsoft windows xp - sp2
microsoft windows xp - sp3
microsoft windows 2000 sp4
microsoft windows 2003_server
microsoft windows xp sp2
microsoft windows 2003_server sp1
microsoft windows xp
microsoft windows 2003_server sp1_itanium
microsoft windows vista
microsoft windows server_2003
microsoft windows server_2003
microsoft windows server_2003
microsoft windows vista
microsoft windows xp sp2
microsoft windows vista sp1
microsoft windows vista sp1
microsoft windows server 2008
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows xp sp3