
SecPod ID: 10169

Microsoft Security Bulletin MS08-067

Status: Public Report

Release Date: 10-24-2008

Severity: Critical

CVSS Base Score: 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)

CVSS Temporal Score = 7.3

Affected Software/OS/Device:

Microsoft Windows 2K Service Pack 4 and prior. Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2003 Service Pack 2 and prior.

Impact Level: System/Network

 

SecPod Nessus Plugin ID: 900055 900056

Snort ID:

Vulnerability Insight:

 

Overview:

Remote Code Execution Vulnerability in Server Service

 

Description:

A remote code execution vulnerability exists in the Server service on Windows systems. The vulnerability is due to the service not properly handling specially crafted RPC requests.

 

Impact:

An attacker who successfully exploited this vulnerability could take complete control of an affected system.

 

CVSS Score Report:    

    ACCESS_VECTOR = NETWORK
    ACCESS_COMPLEXITY = MEDIUM
    AUTHENTICATION = NOT_REQUIRED
    CONFIDENTIALITY_IMPACT = COMPLETE
    INTEGRITY_IMPACT = COMPLETE
    AVAILABILITY_IMPACT = COMPLETE
    EXPLOITABILITY = FUNCTIONAL
    REMEDIATION_LEVEL = UNAVAILABLE
    REPORT_CONFIDENCE = CONFIRMED


    CVSS Base Score = 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
    CVSS Temporal Score = 7.7

Fix:

Run Windows Update and install the listed hotfixes, or download and install the hotfixes mentioned in the advisory from the link below:


http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx

 

References:

http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx

 

 
