Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4834

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4834
Last Modified 07 Mar 2011 10:13:22
Published 14 Jan 2009 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4834

Summary

Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Vista

  • Microsoft Windows Xp


References

CERT - TA09-013A

MISC - http://www.zerodayinitiative.com/advisories/ZDI-09-001/

VUPEN - ADV-2009-0116

SECTRACK - 1021560

BID - 33121

BUGTRAQ - 20090113 ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability

MS - MS09-001


Last Updated: 27 May 2016 10:48:38