Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1451

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-1451
Last Modified 07 Mar 2011 10:07:06
Published 11 Jun 2008 10:32:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1451

Summary

The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows-nt 2000

  • Microsoft Windows-nt 2003


References

CERT - TA08-162B

BID - 29588

MS - MS08-034

SECTRACK - 1020228

VUPEN - ADV-2008-1781

SECUNIA - 30584


Last Updated: 27 May 2016 10:47:08