SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (Microsoft)  >   Windows Server Message Block Vendors:   Microsoft
Windows Server Message Block Buffer Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1021560
SecurityTracker URL:  http://securitytracker.com/id/1021560
CVE Reference:   CVE-2008-4834, CVE-2008-4835   (Links to External Site)
Date:  Jan 13 2009
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000 SP4, 2003 SP2, XP SP3, Vista SP1, 2008; and prior service packs
Description:   Two vulnerabilities was reported in Windows Server Message Block. A remote user can execute arbitrary code on the target system.

A remote user can send a specially crafted Server Message Block (SMB) packet to trigger a buffer overflow and execute arbitrary code on the target system [CVE-2008-4834]. The code will run with the privileges of the target service.

A packet validation flaw also permits remote code execution [CVE-2008-4835].

An anonymous reported this vulnerability via TippingPoint.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?familyid=E0678D14-C1B5-457A-8222-8E7682760ED4

Windows XP Service Pack 2 and Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=EEAFCDC5-DF39-4B29-B6F1-7D32B64761E1

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=26898401-F669-4542-AD93-199ED1FE9A2A

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=588CA8E8-38A9-47ED-9C41-09AAF1022E49

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=EE59441C-1E8F-4425-AE8D-DEC14E7F13FB

Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=CAEC9321-FA5B-42F0-9F26-61F673FE6EEF

Windows Vista and Windows Vista Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=9179C463-C10A-452A-990F-B7E37CDD889B

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=6B26952E-B59D-4B0F-A52D-025E45ECD233

Windows Server 2008 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=7245B411-7C9E-41E5-9841-4C586336086C

Windows Server 2008 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=A241EAAD-95A0-442B-978F-F21A6F0C7DB4

Windows Server 2008 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=AB7C7015-20BB-4A0C-977A-969F4E2A5189

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-001.mspx (Links to External Site)
Cause:   Boundary error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Tue, 13 Jan 2009 13:42:12 -0500
Subject:  http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx


Microsoft Security Bulletin MS09-001 - Critical: Vulnerabilities in SMB Could Allow Remote Code Execution (958687)

CVE-2008-4834
CVE-2008-4835



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC