Content
(MS08-007) Microsoft Mini-Redirector Heap Overflow Vulnerability (946026)
- Type
- Logic error
- Impact of exploitation
- Remote Code Execution
- User Interaction
- user interaction is needed
- Attack Vector
- Malicious remote network traffic
- Rating
- Medium
- CVE reference
- CVE-2008-0080,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows XP SP2,
- Windows 2003 SP2,
- Windows Vista,
- Summary
- A vulnerability is present in Microsoft Windows that could allow for code execution. Exploitation could occur when using the Web-based Distributed Authoring and Versioning (webDAV) HTML extension to manage or edit pages on an attacker controlled Web server.
Tab Navigation
Description
Microsoft Windows is an industry standard operating system. Web-based Distributed Authoring and Versioning (webDAV) allows for editing and managing of remote Web server content in a collaborative manner. A vulnerability exists in Microsoft Windows that may allow for remote code execution. The flaw is present due to improper weDAV client Mini-Redirector processing of malicious webDAV responses. Exploitation could occur when interacting with a malicious Web server.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the patch available from Microsoft (946026): http://www.microsoft.com/technet/security/Bulletin/MS08-007.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-007) Microsoft Mini-Redirector Heap Overflow Vulnerability (946026)
- Signature identifier:
- 5699
- Release date:
- 2/11/2008
McAfee Intrushield
This signature provides coverage for this vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- HTTP: Microsoft Mini-Redirector Heap Overflow Vulnerability
- Signature identifier:
- 0x40242A00
Additional Resources
Microsoft Security Bulletin: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
http://www.microsoft.com/technet/security/Bulletin/MS08-007.mspx
All Information
Timeline -
2/12/2008
Vendor has provided a patch.
Description -
Microsoft Windows is an industry standard operating system. Web-based Distributed Authoring and Versioning (webDAV) allows for editing and managing of remote Web server content in a collaborative manner. A vulnerability exists in Microsoft Windows that may allow for remote code execution. The flaw is present due to improper weDAV client Mini-Redirector processing of malicious webDAV responses. Exploitation could occur when interacting with a malicious Web server.
McAfee Product Mitigation & Recommendations
Recommendations -
Download and install the patch available from Microsoft (946026): http://www.microsoft.com/technet/security/Bulletin/MS08-007.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-007) Microsoft Mini-Redirector Heap Overflow Vulnerability (946026)
- Signature identifier:
- 5699
- Release date:
- 2/11/2008
McAfee Intrushield
This signature provides coverage for this vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- HTTP: Microsoft Mini-Redirector Heap Overflow Vulnerability
- Signature identifier:
- 0x40242A00
Additional Resources
Additional Resources -
Microsoft Security Bulletin: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)
http://www.microsoft.com/technet/security/Bulletin/MS08-007.mspx
