Vulnerability Details : CVE-2008-4250
Public exploit exists!
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
Vulnerability category: Execute code
Products affected by CVE-2008-4250
- cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:-:*:itanium:*
- cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:-:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x86:*
Exploit prediction scoring system (EPSS) score for CVE-2008-4250
EPSS score: 96.27% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~100% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2008-4250
- MS08-067 Microsoft Server Service Relative Path Stack Corruption
  Disclosure Date: 2008-10-28
  First seen: 2020-04-26
  exploit/windows/smb/ms08_067_netapi
  This module exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs. The correct target must be used to prevent the Server Service (alon
CVSS scores for CVE-2008-4250
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
CWE ids for CVE-2008-4250
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-4250
- http://www.vupen.com/english/advisories/2008/2902
  Vendor Advisory
- http://www.securityfocus.com/bid/31874
  Exploit;Patch;Third Party Advisory;VDB Entry
- http://www.kb.cert.org/vuls/id/827267
  Third Party Advisory;US Government Resource
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093
  Third Party Advisory
- https://www.exploit-db.com/exploits/6841
  Exploit;Third Party Advisory;VDB Entry
- http://marc.info/?l=bugtraq&m=122703006921213&w=2
  '[security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Pat' - MARC
  Issue Tracking;Mailing List;Third Party Advisory
- https://www.exploit-db.com/exploits/6824
  Exploit;Third Party Advisory;VDB Entry
- http://www.us-cert.gov/cas/techalerts/TA09-088A.html
  Third Party Advisory;US Government Resource
- http://www.securityfocus.com/archive/1/497816/100/0/threaded
  Third Party Advisory;VDB Entry
- http://www.securityfocus.com/archive/1/497808/100/0/threaded
  Third Party Advisory;VDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067
  Patch;Vendor Advisory
- https://www.exploit-db.com/exploits/7104
  Exploit;Third Party Advisory;VDB Entry
- http://www.securitytracker.com/id?1021091
  Third Party Advisory;VDB Entry
- http://www.us-cert.gov/cas/techalerts/TA08-297A.html
  Third Party Advisory;US Government Resource
- https://www.exploit-db.com/exploits/7132
  Exploit;Third Party Advisory;VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46040
  Third Party Advisory;VDB Entry
- http://blogs.securiteam.com/index.php/archives/1150
  Permissions Required