Windows Server Service buffer overflow MS08-067

2008-10-24T00:00:00
ID SAINT:AC0D0F2C31B3A560B890C66CD6245812
Type saint
Reporter SAINT Corporation
Modified 2008-10-24T00:00:00

Description

Added: 10/24/2008
CVE: CVE-2008-4250
BID: 31874
OSVDB: 49243

Background

The Windows Server service supports file, print, and named-pipe sharing over the network.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the Windows Server service.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 08-067.

References

<http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx>

Limitations

Due to the nature of this vulnerability, the success of the exploit depends on the contents of unused stack memory space, and therefore is not completely reliable.

Platforms

Windows XP SP3 / Windows XP
Windows XP SP2
Windows XP SP1 / Windows XP
Windows Server 2003
Windows Server 2003 SP1
Windows Server 2003 SP2