CVE-2008-4250

CVSS 9.8 CRITICALEPSS 98.8%● KEVCWE-119

In short

A flaw in Windows Server service allows attackers to send specially crafted network requests that crash the server or execute malicious code without needing any credentials. This vulnerability was actively exploited by malware in the wild.

Technical detail

Buffer overflow in the Server service RPC handler during path canonicalization allows unauthenticated remote code execution. The vulnerability requires only network access and a specially crafted RPC request; no authentication or user interaction is necessary. Successful exploitation results in arbitrary code execution with SYSTEM privileges.

Summary generated and translated by AI from the official description.

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

public PoCs found — 10

githubgithub.com/BinRacer/ms08-067.py★ 1 githubgithub.com/thunderstrike9090/Conflicker_analysis_scripts★ 1 githubgithub.com/BinRacer/ms08-067★ 0 githubgithub.com/NoTrustedx/Exploit_MS08-067★ 0 exploitdbwww.exploit-db.com/exploits/16362unverified cve_referencewww.exploit-db.com/exploits/6841unverified cve_referencewww.exploit-db.com/exploits/7132unverified cve_referencewww.exploit-db.com/exploits/6824unverified exploitdbwww.exploit-db.com/exploits/40279unverified cve_referencewww.exploit-db.com/exploits/7104unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://blogs.securiteam.com/index.php/archives/1150 http://marc.info/?l=bugtraq&m=122703006921213&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 http://secunia.com/advisories/32326 https://exchange.xforce.ibmcloud.com/vulnerabilities/46040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-4250 https://www.exploit-db.com/exploits/6824 https://www.exploit-db.com/exploits/6841 https://www.exploit-db.com/exploits/7104 https://www.exploit-db.com/exploits/7132 http://www.kb.cert.org/vuls/id/827267