Tenable Network Security

	Nessus
	Download
	Plugins
	Newest Plugins
	Obtain an activation code
	View all plugins
	Search
	Documentation
	Register
	Buy Now
	ProfessionalFeed Support
	Bugs
	All the Tenable Products

MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check)

This script is Copyright (C) 2008-2010 Tenable Network Security, Inc.


Family	Windows
Nessus Plugin ID	34477 (smb_kb958644.nasl)
Bugtraq ID	31874
CVE ID	CVE-2008-4250

Description:
Synopsis : Arbitrary code can be executed on the remote host due to a flaw in the 'Server' service. Description : The remote host is vulnerable to a buffer overrun in the 'Server' service that may allow an attacker to execute arbitrary code on the remote host with the 'System' privileges. Solution : Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008 : http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx Risk factor : Critical / CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org

MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check)