cvelistv5 - CVE-2008-4037

CVE-2008-4037 (GCVE-0-2008-4037)

Vulnerability from cvelistv5 – Published: 2008-11-12 23:00 – Updated: 2024-08-07 10:00

Summary

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	http://marc.info/?l=bugtraq&m=122703006921213&w=2	vendor-advisoryx_refsource_HP
	http://www.networkworld.com/news/2008/111208-micr…	x_refsource_MISC
	http://www.us-cert.gov/cas/techalerts/TA08-316A.html	third-party-advisoryx_refsource_CERT
	http://www.veracode.com/blog/2008/11/microsoft-fi…	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://osvdb.org/49736	vdb-entryx_refsource_OSVDB
	http://securitytracker.com/id?1021163	vdb-entryx_refsource_SECTRACK
	http://marc.info/?l=bugtraq&m=122703006921213&w=2	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2008/3110	vdb-entryx_refsource_VUPEN
	http://www.xfocus.net/articles/200305/smbrelay.html	x_refsource_MISC
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/data/vulnerabilities…	x_refsource_MISC
	http://www.securityfocus.com/data/vulnerabilities…	x_refsource_MISC
	http://secunia.com/advisories/32633	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/7385	vdb-entryx_refsource_BID
	https://www.exploit-db.com/exploits/7125	exploitx_refsource_EXPLOIT-DB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:00:42.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT080164",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
          },
          {
            "name": "TA08-316A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
          },
          {
            "name": "oval:org.mitre.oval:def:6012",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
          },
          {
            "name": "49736",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/49736"
          },
          {
            "name": "1021163",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021163"
          },
          {
            "name": "HPSBST02386",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
          },
          {
            "name": "ADV-2008-3110",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/3110"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
          },
          {
            "name": "MS08-068",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
          },
          {
            "name": "32633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32633"
          },
          {
            "name": "7385",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7385"
          },
          {
            "name": "7125",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/7125"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "SSRT080164",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
        },
        {
          "name": "TA08-316A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
        },
        {
          "name": "oval:org.mitre.oval:def:6012",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
        },
        {
          "name": "49736",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/49736"
        },
        {
          "name": "1021163",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021163"
        },
        {
          "name": "HPSBST02386",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
        },
        {
          "name": "ADV-2008-3110",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/3110"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
        },
        {
          "name": "MS08-068",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
        },
        {
          "name": "32633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32633"
        },
        {
          "name": "7385",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7385"
        },
        {
          "name": "7125",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/7125"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-4037",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSRT080164",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
            },
            {
              "name": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html",
              "refsource": "MISC",
              "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
            },
            {
              "name": "TA08-316A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
            },
            {
              "name": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/",
              "refsource": "MISC",
              "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
            },
            {
              "name": "oval:org.mitre.oval:def:6012",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
            },
            {
              "name": "49736",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/49736"
            },
            {
              "name": "1021163",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021163"
            },
            {
              "name": "HPSBST02386",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
            },
            {
              "name": "ADV-2008-3110",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/3110"
            },
            {
              "name": "http://www.xfocus.net/articles/200305/smbrelay.html",
              "refsource": "MISC",
              "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
            },
            {
              "name": "MS08-068",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
            },
            {
              "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
            },
            {
              "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
            },
            {
              "name": "32633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32633"
            },
            {
              "name": "7385",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7385"
            },
            {
              "name": "7125",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/7125"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-4037",
    "datePublished": "2008-11-12T23:00:00",
    "dateReserved": "2008-09-10T00:00:00",
    "dateUpdated": "2024-08-07T10:00:42.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"79F860DB-9616-4B63-A850-F5E950F667B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"C9AF89B4-69D3-4E28-BC05-782266145C96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"227A166A-39D3-49F5-89E7-0F75C7B5285C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"CD6F46BF-46DD-477C-94CF-88DC15BE19B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*\", \"matchCriteriaId\": \"97F081F6-6E4C-47D6-86E9-4DBA520ECDC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:*:*:*:*:*\", \"matchCriteriaId\": \"7DA1411C-F277-4302-87CB-6E53FE6F03A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:xp:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0ABBC6B-2464-4408-8A55-07EEC11EE1F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:xp:sp2:x64:*:*:*:*:*\", \"matchCriteriaId\": \"3B677A3B-E5C7-4495-A943-36D604E0135D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD75D968-907E-4494-8F23-A3C824B33286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows:xp:unknown:x64:*:*:*:*:*\", \"matchCriteriaId\": \"E34AF56E-5959-482C-AE97-F87658410FA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:x32:*:*:*:*:*\", \"matchCriteriaId\": \"1792D62D-78F0-4518-B61E-7CCDD5B0AEF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*\", \"matchCriteriaId\": \"E8000F58-DF1C-464C-A14B-783CDC00E781\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:x64:*:*:*:*:*\", \"matchCriteriaId\": \"5E8F1EE5-90F9-48A4-844B-72DDD5F87EF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \\\"SMB Credential Reflection Vulnerability.\\\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad en Microsoft Windows 2000 Gold hasta SP4, XP Gold hasta SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 permite a los servidores SMB remotos ejecutar c\\u00f3digo arbitrario en una maquina cliente mediante la reproducci\\u00f3n de las credenciales NTLM de un usuario cliente, como se demuestra. por backrush, tambi\\u00e9n se conoce como \\\"SMB Credential Reflection Vulnerability.\\\" . NOTA: algunas fuentes confiables informan que esta vulnerabilidad existe debido a una correcci\\u00f3n insuficiente para CVE-2000-0834.\"}]",
      "id": "CVE-2008-4037",
      "lastModified": "2024-11-21T00:50:44.117",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2008-11-12T23:30:02.807",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://osvdb.org/49736\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/32633\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1021163\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securityfocus.com/bid/7385\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-316A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/3110\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.xfocus.net/articles/200305/smbrelay.html\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://www.exploit-db.com/exploits/7125\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/49736\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/32633\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1021163\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/7385\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-316A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/3110\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.xfocus.net/articles/200305/smbrelay.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/7125\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-4037\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2008-11-12T23:30:02.807\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \\\"SMB Credential Reflection Vulnerability.\\\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad en Microsoft Windows 2000 Gold hasta SP4, XP Gold hasta SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 permite a los servidores SMB remotos ejecutar c\u00f3digo arbitrario en una maquina cliente mediante la reproducci\u00f3n de las credenciales NTLM de un usuario cliente, como se demuestra. por backrush, tambi\u00e9n se conoce como \\\"SMB Credential Reflection Vulnerability.\\\" . NOTA: algunas fuentes confiables informan que esta vulnerabilidad existe debido a una correcci\u00f3n insuficiente para CVE-2000-0834.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F860DB-9616-4B63-A850-F5E950F667B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"C9AF89B4-69D3-4E28-BC05-782266145C96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"227A166A-39D3-49F5-89E7-0F75C7B5285C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"CD6F46BF-46DD-477C-94CF-88DC15BE19B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*\",\"matchCriteriaId\":\"97F081F6-6E4C-47D6-86E9-4DBA520ECDC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:*:*:*:*:*\",\"matchCriteriaId\":\"7DA1411C-F277-4302-87CB-6E53FE6F03A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:xp:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0ABBC6B-2464-4408-8A55-07EEC11EE1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:xp:sp2:x64:*:*:*:*:*\",\"matchCriteriaId\":\"3B677A3B-E5C7-4495-A943-36D604E0135D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD75D968-907E-4494-8F23-A3C824B33286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows:xp:unknown:x64:*:*:*:*:*\",\"matchCriteriaId\":\"E34AF56E-5959-482C-AE97-F87658410FA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:x32:*:*:*:*:*\",\"matchCriteriaId\":\"1792D62D-78F0-4518-B61E-7CCDD5B0AEF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"E8000F58-DF1C-464C-A14B-783CDC00E781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"5E8F1EE5-90F9-48A4-844B-72DDD5F87EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://osvdb.org/49736\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/32633\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1021163\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/7385\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-316A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/3110\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.xfocus.net/articles/200305/smbrelay.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://www.exploit-db.com/exploits/7125\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/49736\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1021163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/7385\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-316A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/3110\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.xfocus.net/articles/200305/smbrelay.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/7125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2008-4037

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-4037

Aliases

CVE-2008-4037

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-4037",
    "description": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.",
    "id": "GSD-2008-4037",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2008-4037"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-4037"
      ],
      "details": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.",
      "id": "GSD-2008-4037",
      "modified": "2023-12-13T01:22:59.718338Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2008-4037",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "SSRT080164",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
          },
          {
            "name": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html",
            "refsource": "MISC",
            "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
          },
          {
            "name": "TA08-316A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
          },
          {
            "name": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/",
            "refsource": "MISC",
            "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
          },
          {
            "name": "oval:org.mitre.oval:def:6012",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
          },
          {
            "name": "49736",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/49736"
          },
          {
            "name": "1021163",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021163"
          },
          {
            "name": "HPSBST02386",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
          },
          {
            "name": "ADV-2008-3110",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/3110"
          },
          {
            "name": "http://www.xfocus.net/articles/200305/smbrelay.html",
            "refsource": "MISC",
            "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
          },
          {
            "name": "MS08-068",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
          },
          {
            "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
          },
          {
            "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
          },
          {
            "name": "32633",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/32633"
          },
          {
            "name": "7385",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/7385"
          },
          {
            "name": "7125",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/7125"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:xp:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:xp:sp2:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows:xp:unknown:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x32:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-4037"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1021163",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021163"
            },
            {
              "name": "32633",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/32633"
            },
            {
              "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
            },
            {
              "name": "7385",
              "refsource": "BID",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/7385"
            },
            {
              "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
            },
            {
              "name": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
            },
            {
              "name": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
            },
            {
              "name": "http://www.xfocus.net/articles/200305/smbrelay.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
            },
            {
              "name": "TA08-316A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
            },
            {
              "name": "49736",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/49736"
            },
            {
              "name": "ADV-2008-3110",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/3110"
            },
            {
              "name": "SSRT080164",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
            },
            {
              "name": "7125",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/7125"
            },
            {
              "name": "oval:org.mitre.oval:def:6012",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
            },
            {
              "name": "MS08-068",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2023-12-07T18:38Z",
      "publishedDate": "2008-11-12T23:30Z"
    }
  }
}

GHSA-G42P-2GQ8-X2P3

Vulnerability from github – Published: 2022-05-02 00:06 – Updated: 2025-04-09 04:00

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-4037"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-11-12T23:30:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.",
  "id": "GHSA-g42p-2gq8-x2p3",
  "modified": "2025-04-09T04:00:34Z",
  "published": "2022-05-02T00:06:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4037"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/7125"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/49736"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32633"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021163"
    },
    {
      "type": "WEB",
      "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/7385"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/3110"
    },
    {
      "type": "WEB",
      "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2008-4037

Vulnerability from fkie_nvd - Published: 2008-11-12 23:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://marc.info/?l=bugtraq&m=122703006921213&w=2
secure@microsoft.com	http://osvdb.org/49736
secure@microsoft.com	http://secunia.com/advisories/32633	Vendor Advisory
secure@microsoft.com	http://securitytracker.com/id?1021163
secure@microsoft.com	http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html
secure@microsoft.com	http://www.securityfocus.com/bid/7385	Exploit, Patch
secure@microsoft.com	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch	Exploit
secure@microsoft.com	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README	Exploit
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA08-316A.html	US Government Resource
secure@microsoft.com	http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/
secure@microsoft.com	http://www.vupen.com/english/advisories/2008/3110	Vendor Advisory
secure@microsoft.com	http://www.xfocus.net/articles/200305/smbrelay.html
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012
secure@microsoft.com	https://www.exploit-db.com/exploits/7125
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=122703006921213&w=2
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/49736
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32633	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021163
af854a3a-2127-422b-91ae-364da2661108	http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/7385	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-316A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/3110	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.xfocus.net/articles/200305/smbrelay.html
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/7125

Impacted products

Vendor	Product	Version
microsoft	windows	server_2003
microsoft	windows	server_2003
microsoft	windows	server_2003
microsoft	windows	server_2003
microsoft	windows	server_2003
microsoft	windows	server_2003
microsoft	windows	xp
microsoft	windows	xp
microsoft	windows	xp
microsoft	windows	xp
microsoft	windows_2000	-
microsoft	windows_server_2008	-
microsoft	windows_server_2008	-
microsoft	windows_server_2008	-
microsoft	windows_vista	-
microsoft	windows_vista	-
microsoft	windows_vista	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "79F860DB-9616-4B63-A850-F5E950F667B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:*",
              "matchCriteriaId": "C9AF89B4-69D3-4E28-BC05-782266145C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "227A166A-39D3-49F5-89E7-0F75C7B5285C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "CD6F46BF-46DD-477C-94CF-88DC15BE19B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "97F081F6-6E4C-47D6-86E9-4DBA520ECDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:*:*:*:*:*",
              "matchCriteriaId": "7DA1411C-F277-4302-87CB-6E53FE6F03A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:xp:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "E0ABBC6B-2464-4408-8A55-07EEC11EE1F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:xp:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "3B677A3B-E5C7-4495-A943-36D604E0135D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "FD75D968-907E-4494-8F23-A3C824B33286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:xp:unknown:x64:*:*:*:*:*",
              "matchCriteriaId": "E34AF56E-5959-482C-AE97-F87658410FA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x32:*:*:*:*:*",
              "matchCriteriaId": "1792D62D-78F0-4518-B61E-7CCDD5B0AEF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*",
              "matchCriteriaId": "E8000F58-DF1C-464C-A14B-783CDC00E781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:x64:*:*:*:*:*",
              "matchCriteriaId": "5E8F1EE5-90F9-48A4-844B-72DDD5F87EF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka \"SMB Credential Reflection Vulnerability.\"  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad en Microsoft Windows 2000 Gold hasta SP4, XP Gold hasta SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 permite a los servidores SMB remotos ejecutar c\u00f3digo arbitrario en una maquina cliente mediante la reproducci\u00f3n de las credenciales NTLM de un usuario cliente, como se demuestra. por backrush, tambi\u00e9n se conoce como \"SMB Credential Reflection Vulnerability.\" . NOTA: algunas fuentes confiables informan que esta vulnerabilidad existe debido a una correcci\u00f3n insuficiente para CVE-2000-0834."
    }
  ],
  "id": "CVE-2008-4037",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-11-12T23:30:02.807",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://osvdb.org/49736"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32633"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1021163"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/7385"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/3110"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://www.exploit-db.com/exploits/7125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/49736"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/7385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/3110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.xfocus.net/articles/200305/smbrelay.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/7125"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2008-AVI-549

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été identifiée dans la mise en oeuvre du protocole SMB de Windows. L'exploitation de cette dernière peut provoquer, sous certaines conditions, l'exécution de code arbitraire sur le système vulnérable.

Description

Une vulnérabilité a été identifiée dans la mise en oeuvre du protocole Microsoft Server Message Block (SMB) de Windows. Elle permettrait à une personne malveillante de rediriger une tentative de connexion SMB vers la machine émettrice puis exploiter les crédits d'authentification pour s'y connecter (technique aussi appelée "credential reflection").

L'exploitation de cette vulnérabilité permet donc, sous certaines conditions, d'exécuter du code arbitraire sur le système vulnérable. Du code d'exploitation est actuellement disponible sur l'Internet.

Solution

Se référer au bulletin de sécurité MS08-068 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows Server 2008 pour systèmes 32-bit, x64 et Itanium.
Microsoft	Windows	Microsoft Windows Server 2003 pour systèmes Itanium (SP1 et SP2) ;
Microsoft	Windows	Microsoft Windows Vista (Service Pack 1 compris) ;
Microsoft	Windows	Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris) ;
Microsoft	Windows	Microsoft Windows Server 2003 x64 Edition (Service Pack 2 compris) ;
Microsoft	Windows	Microsoft Windows XP Service Pack 2 et Service Pack 3 ;
Microsoft	Windows	Microsoft Windows Server 2003 Service Pack 1 et Service Pack 2 ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-068 du 11 novembre 2008	None	vendor-advisory
Bloc-notes de Microsoft, "MS08-068: SMB credential reflection defense" publié le 11 novembre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2008 pour syst\u00e8mes 32-bit, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 pour syst\u00e8mes Itanium (SP1 et SP2) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista (Service Pack 1 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition (Service Pack 2 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 et Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en oeuvre du protocole\nMicrosoft Server Message Block (SMB) de Windows. Elle permettrait \u00e0 une\npersonne malveillante de rediriger une tentative de connexion SMB vers\nla machine \u00e9mettrice puis exploiter les cr\u00e9dits d\u0027authentification pour\ns\u0027y connecter (technique aussi appel\u00e9e \"credential reflection\").\n\nL\u0027exploitation de cette vuln\u00e9rabilit\u00e9 permet donc, sous certaines\nconditions, d\u0027ex\u00e9cuter du code arbitraire sur le syst\u00e8me vuln\u00e9rable. Du\ncode d\u0027exploitation est actuellement disponible sur l\u0027Internet.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-068 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4037"
    }
  ],
  "links": [
    {
      "title": "Bloc-notes de Microsoft, \"MS08-068:    SMB credential reflection defense\" publi\u00e9 le 11 novembre    2008\u00a0:",
      "url": "http://blogs.technet.com/swi/archive/2008/11/11/smb-credential-reflection.aspx"
    }
  ],
  "reference": "CERTA-2008-AVI-549",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en oeuvre du protocole\nSMB de Windows. L\u0027exploitation de cette derni\u00e8re peut provoquer, sous\ncertaines conditions, l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de SMB dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-068 du 11 novembre 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx"
    }
  ]
}

CERTA-2008-AVI-586

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans la suite logicielle Microsoft Office. Ces vulnérabilités peuvent être exploitées afin d'exécuter du code arbitraire à distance.

Description

Huit vulnérabilités ont été découvertes dans la suite Microsoft Office. Ces vulnérabilités peuvent être exploitées par l'intermédiaire d'un fichier Word ou RTF spécialement construit. L'interprétation de ce fichier par Microsoft Word ou Microsoft Outlook permet d'exécuter du code arbitraire quelque soit la vulnérabilité exploitée parmi les huit.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Microsoft Office XP Service Pack 3 ;
Microsoft	Office	Microsoft Office Outlook 2007 ;
Microsoft	Office	Microsoft Office 2000 Service Pack 3 ;
Microsoft	Office	Microsoft Office 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Word 2007 ;
Microsoft	Office	Microsoft Office 2008 pour Mac ;
Microsoft	Office	Microsoft Office Word Viewer Service Pack 3 ;
Microsoft	Office	Micorsoft Works 8 ;
Microsoft	Office	Microsoft Office Outlook 2007 Service Pack 1;
Microsoft	Office	Open XML File Format Converter pour Mac.
Microsoft	Office	Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint Service Pack 1;
Microsoft	Office	Microsoft Office Word Viewer 2003 ;
Microsoft	Office	Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint ;
Microsoft	Office	Microsoft Office Word 2007 Service Pack 1;
Microsoft	Office	Microsoft Office 2004 pour Mac ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-072 du 09 décembre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Office XP Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Outlook 2007 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2000 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2008 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Micorsoft Works 8 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Outlook 2007 Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Open XML File Format Converter pour Mac.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer 2003 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nHuit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la suite Microsoft Office.\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par l\u0027interm\u00e9diaire d\u0027un\nfichier Word ou RTF sp\u00e9cialement construit. L\u0027interpr\u00e9tation de ce\nfichier par Microsoft Word ou Microsoft Outlook permet d\u0027ex\u00e9cuter du\ncode arbitraire quelque soit la vuln\u00e9rabilit\u00e9 exploit\u00e9e parmi les huit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4037"
    },
    {
      "name": "CVE-2008-4024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4024"
    },
    {
      "name": "CVE-2008-4026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4026"
    },
    {
      "name": "CVE-2008-4025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4025"
    },
    {
      "name": "CVE-2008-4027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4027"
    },
    {
      "name": "CVE-2008-4031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4031"
    },
    {
      "name": "CVE-2008-4028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4028"
    },
    {
      "name": "CVE-2008-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4030"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-586",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-12-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la suite logicielle\nMicrosoft Office. Ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es afin\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de la suite logicielle Microsoft Office",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-072 du 09 d\u00e9cembre 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-072.mspx"
    }
  ]
}

CERTA-2008-AVI-586

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans la suite logicielle Microsoft Office. Ces vulnérabilités peuvent être exploitées afin d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Microsoft Office XP Service Pack 3 ;
Microsoft	Office	Microsoft Office Outlook 2007 ;
Microsoft	Office	Microsoft Office 2000 Service Pack 3 ;
Microsoft	Office	Microsoft Office 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Word 2007 ;
Microsoft	Office	Microsoft Office 2008 pour Mac ;
Microsoft	Office	Microsoft Office Word Viewer Service Pack 3 ;
Microsoft	Office	Micorsoft Works 8 ;
Microsoft	Office	Microsoft Office Outlook 2007 Service Pack 1;
Microsoft	Office	Open XML File Format Converter pour Mac.
Microsoft	Office	Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint Service Pack 1;
Microsoft	Office	Microsoft Office Word Viewer 2003 ;
Microsoft	Office	Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint ;
Microsoft	Office	Microsoft Office Word 2007 Service Pack 1;
Microsoft	Office	Microsoft Office 2004 pour Mac ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-072 du 09 décembre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Office XP Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Outlook 2007 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2000 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2008 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Micorsoft Works 8 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Outlook 2007 Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Open XML File Format Converter pour Mac.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer 2003 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour les formats Word, Excel, et PowerPoint ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 Service Pack 1;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nHuit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la suite Microsoft Office.\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par l\u0027interm\u00e9diaire d\u0027un\nfichier Word ou RTF sp\u00e9cialement construit. L\u0027interpr\u00e9tation de ce\nfichier par Microsoft Word ou Microsoft Outlook permet d\u0027ex\u00e9cuter du\ncode arbitraire quelque soit la vuln\u00e9rabilit\u00e9 exploit\u00e9e parmi les huit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4037"
    },
    {
      "name": "CVE-2008-4024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4024"
    },
    {
      "name": "CVE-2008-4026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4026"
    },
    {
      "name": "CVE-2008-4025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4025"
    },
    {
      "name": "CVE-2008-4027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4027"
    },
    {
      "name": "CVE-2008-4031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4031"
    },
    {
      "name": "CVE-2008-4028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4028"
    },
    {
      "name": "CVE-2008-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4030"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-586",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-12-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la suite logicielle\nMicrosoft Office. Ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es afin\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de la suite logicielle Microsoft Office",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-072 du 09 d\u00e9cembre 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-072.mspx"
    }
  ]
}

CERTA-2008-AVI-549

Vulnerability from certfr_avis - Published: - Updated:

Description

Solution

Se référer au bulletin de sécurité MS08-068 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows Server 2008 pour systèmes 32-bit, x64 et Itanium.
Microsoft	Windows	Microsoft Windows Server 2003 pour systèmes Itanium (SP1 et SP2) ;
Microsoft	Windows	Microsoft Windows Vista (Service Pack 1 compris) ;
Microsoft	Windows	Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris) ;
Microsoft	Windows	Microsoft Windows Server 2003 x64 Edition (Service Pack 2 compris) ;
Microsoft	Windows	Microsoft Windows XP Service Pack 2 et Service Pack 3 ;
Microsoft	Windows	Microsoft Windows Server 2003 Service Pack 1 et Service Pack 2 ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-068 du 11 novembre 2008	None	vendor-advisory
Bloc-notes de Microsoft, "MS08-068: SMB credential reflection defense" publié le 11 novembre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2008 pour syst\u00e8mes 32-bit, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 pour syst\u00e8mes Itanium (SP1 et SP2) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista (Service Pack 1 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition (Service Pack 2 compris) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 et Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en oeuvre du protocole\nMicrosoft Server Message Block (SMB) de Windows. Elle permettrait \u00e0 une\npersonne malveillante de rediriger une tentative de connexion SMB vers\nla machine \u00e9mettrice puis exploiter les cr\u00e9dits d\u0027authentification pour\ns\u0027y connecter (technique aussi appel\u00e9e \"credential reflection\").\n\nL\u0027exploitation de cette vuln\u00e9rabilit\u00e9 permet donc, sous certaines\nconditions, d\u0027ex\u00e9cuter du code arbitraire sur le syst\u00e8me vuln\u00e9rable. Du\ncode d\u0027exploitation est actuellement disponible sur l\u0027Internet.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-068 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4037"
    }
  ],
  "links": [
    {
      "title": "Bloc-notes de Microsoft, \"MS08-068:    SMB credential reflection defense\" publi\u00e9 le 11 novembre    2008\u00a0:",
      "url": "http://blogs.technet.com/swi/archive/2008/11/11/smb-credential-reflection.aspx"
    }
  ],
  "reference": "CERTA-2008-AVI-549",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en oeuvre du protocole\nSMB de Windows. L\u0027exploitation de cette derni\u00e8re peut provoquer, sous\ncertaines conditions, l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de SMB dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-068 du 11 novembre 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-4037 (GCVE-0-2008-4037)

GSD-2008-4037

GHSA-G42P-2GQ8-X2P3

FKIE_CVE-2008-4037

CERTA-2008-AVI-549

Description

Solution

CERTA-2008-AVI-586

Description

Solution

CERTA-2008-AVI-586

Description

Solution

CERTA-2008-AVI-549

Description

Solution

Tags

Sightings

Nomenclature