CVE-2008-4250

Microsoft Windows Server - Code Execution (PoC) (MS08-067)

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."

El servicio servidor en Microsoft Windows versiones 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, vista Gold y SP1, Server 2008 y 7 Pre-Beta, permite a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC creada que desencadena el desbordamiento durante una Canonicalización de Path, como explotación en la naturaleza por Gimmiv.A en octubre de 2008, también se conoce como "Server Service Vulnerability"

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2008-09-25 CVE Reserved
2008-10-23 CVE Published
2011-01-21 First Exploit
2024-08-07 CVE Updated
2024-10-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-94: Improper Control of Generation of Code ('Code Injection')

CAPEC

References (19)

URL	Tag	Source
http://www.kb.cert.org/vuls/id/827267	Third Party Advisory
http://www.securityfocus.com/archive/1/497808/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/497816/100/0/threaded	Mailing List
http://www.securitytracker.com/id?1021091	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-297A.html	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA09-088A.html	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46040	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/6824	2024-08-07
https://www.exploit-db.com/exploits/40279	2016-02-26
https://www.exploit-db.com/exploits/7104	2024-08-07
https://www.exploit-db.com/exploits/16362	2011-01-21
https://www.exploit-db.com/exploits/6841	2024-08-07
https://www.exploit-db.com/exploits/7132	2024-08-07
http://www.securityfocus.com/bid/31874	2024-08-07

URL	Date	SRC
http://secunia.com/advisories/32326	2022-02-09
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067	2022-02-09

URL	Date	SRC
http://marc.info/?l=bugtraq&m=122703006921213&w=2	2022-02-09
http://www.vupen.com/english/advisories/2008/2902	2022-02-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Windows 2000 Search vendor "Microsoft" for product "Windows 2000"				-		sp4		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		x64		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		sp1		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		sp1, itanium		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		sp2, itanium		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				-		sp2, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				-		itanium		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				-		x64		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				-		x86		Affected
Microsoft Search vendor "Microsoft"		Windows Vista Search vendor "Microsoft" for product "Windows Vista"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows Vista Search vendor "Microsoft" for product "Windows Vista"				-		x64		Affected
Microsoft Search vendor "Microsoft"		Windows Vista Search vendor "Microsoft" for product "Windows Vista"				-		sp1		Affected
Microsoft Search vendor "Microsoft"		Windows Vista Search vendor "Microsoft" for product "Windows Vista"				-		sp1, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				-		professional, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				-		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				-		sp2, professional, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				-		sp3		Affected