CVE-2008-4037 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-4037
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-4037

Description: Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.

CVE Status: Candidate

References: ST 1021163 SAID Secunia Advisory: SA32633 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6012 OSVDB 49736 MS http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx MISC http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/ http://www.xfocus.net/articles/200305/smbrelay.html http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch MILW0RM http://www.milw0rm.com/exploits/7125 CERT http://www.us-cert.gov/cas/techalerts/TA08-316A.html BID 7385

Return to the previous page.