Content
(MS09-001) SMB Buffer Overflow Remote Code Execution Vulnerability (958687)
- Type
- Buffer Overflow
- Impact of exploitation
- Remote Code Execution
- User Interaction
- no user interaction is needed
- Attack Vector
- Malicious remote network traffic
- Rating
- High
- CVE reference
- CVE-2008-4834,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2000 SP4,
- Windows XP SP3,
- Windows 2003 Server SP 2,
- Windows XP X64 SP2,
- Windows 2003 Server X64 SP2,
- Windows 2003 Itanium SP2,
- Summary
- A vulnerability in Microsoft Windows which may allow for remote code execution.
Tab Navigation
Description
A vulnerability in Microsoft Windows which may allow for remote code execution. The flaw is specific to the method in which the SMB (Microsoft Server Message Block) protocol handles specially-crafted SMB packets. A remote attacker can potentially exploit this vulnerability by sending specially-crafted messages/packets to a vulnerable target.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this vulnerability: http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-001) SMB Buffer Overflow Remote Code Execution Vulnerability (958687)
- Signature identifier:
- 6374
- Release date:
- 1/13/2009
The Remedy V-Flash of 1/13/2009 will contain remedies for this issue. Windows 2008 is currently not supported.
Additional Resources
(MS09-001) SMB Buffer Overflow Remote Code Execution Vulnerability (958687)
http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
All Information
Timeline -
1/13/2009
Vendor has provided a patch.
Description -
A vulnerability in Microsoft Windows which may allow for remote code execution. The flaw is specific to the method in which the SMB (Microsoft Server Message Block) protocol handles specially-crafted SMB packets. A remote attacker can potentially exploit this vulnerability by sending specially-crafted messages/packets to a vulnerable target.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this vulnerability: http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-001) SMB Buffer Overflow Remote Code Execution Vulnerability (958687)
- Signature identifier:
- 6374
- Release date:
- 1/13/2009
The Remedy V-Flash of 1/13/2009 will contain remedies for this issue. Windows 2008 is currently not supported.
Additional Resources
Additional Resources -
(MS09-001) SMB Buffer Overflow Remote Code Execution Vulnerability (958687)
http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx
