Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4038

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4038
Last Modified 07 Mar 2011 10:11:50
Published 14 Oct 2008 08:12:16
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4038

Summary

Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Vista

  • Microsoft Windows Vista Sp1

  • Microsoft Windows Xp


References

CERT - TA08-288A

BID - 31647

MS - MS08-063

SECUNIA - 32249

XF - win-ms08kb957095-update(45561)

XF - win-smb-filename-bu(45560)

VUPEN - ADV-2008-2814

SECTRACK - 1021049

HP - HPSBST02379

HP - SSRT080143


Last Updated: 27 May 2016 10:49:56