CVE-2008-4037

CVSS V2 High 9.3 CVSS V3 None
Description
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
Overview
  • CVE ID
  • CVE-2008-4037
  • Assigner
  • secure@microsoft.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2008-11-12T23:30:02
  • Last Modified Date
  • 2018-10-30T16:26:32
Weakness Enumerations
CWE URL
CWE-287 http://cwe.mitre.org/data/definitions/287.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:xp:sp2:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:xp:sp2:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:xp:unknown:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_server_2008:-:*:x32:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_vista:-:*:x64:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 9.3
  • Severity
  • HIGH
  • Exploitability Score
  • 8.6
  • Impact Score
  • 10
References
Reference URL Reference Tags
http://securitytracker.com/id?1021163
http://secunia.com/advisories/32633 Vendor Advisory
http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README Exploit
http://www.securityfocus.com/bid/7385 Exploit Patch
http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch Exploit
http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html
http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/
http://www.xfocus.net/articles/200305/smbrelay.html
http://www.us-cert.gov/cas/techalerts/TA08-316A.html US Government Resource
http://osvdb.org/49736
http://www.vupen.com/english/advisories/2008/3110 Vendor Advisory
http://marc.info/?l=bugtraq&m=122703006921213&w=2
https://www.exploit-db.com/exploits/7125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2008-4037
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4037
History
Created Old Value New Value Data Type Notes
2022-05-10 17:57:59 Added to TrackCVE