Symantec product detections for Microsoft monthly Security Advisories - January 2008

Article:TECH139967  |  Created: 2010-09-15  |  Updated: 2013-01-09  |  Article URL http://www.symantec.com/docs/TECH139967
Article Type
Technical Solution


Issue



This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Advisories.


Note:

Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.


Solution



January 8, 2008

 ID and Rating

 

Description

Details

Intrusion Protection System (IPS) Response

Other Detections

CAN/CVE ID:

CVE-2007-0069

 

BID:

27100

 

Microsoft ID:

MS08-001

 

MSKB:

941644

 

Microsoft Rating:

Critical

Windows Kernel TCP/IP IGMP Vulnerability

 

Remote Code Execution Vulnerability

 

This vulnerability affects the following products:

 

Windows XP SP2

Windows 2003

Windows Vista

This is a remote code-execution vulnerability affecting Windows kernel TCP/IP and is due to the way it stores the state of Internet Group Management Protocol (IGMP) requests.

A successful attack will result in the execution of the attacker-supplied code, potentially resulting in a remote compromise of the affected computer.

Sig ID: N/A

AV:

N/A

 

Sygate IDS:

N/A

CAN/CVE ID:

CVE-2007-0066

 

BID:

27139

 

Microsoft ID:

MS08-001

 

MSKB:

941644

 

Microsoft Rating:

Moderate

Windows Kernel TCP/IP ICMP Vulnerability

 

Remote Denial of Service Vulnerability

 

This vulnerability affects the following products:

 

Windows XP SP2

Windows 2000

Windows 2003

This is a remote denial of service vulnerability in Windows TCP/IP and is due to the way it stores the state of Internet Control Message Protocol (ICMP) requests.

A successful exploitation of this vulnerability will possibly cause the vulnerable computer to stop responding and potentially crash.

This vulnerability can be exploited by an attacker be sending a malicious packet.

Sig ID: N/A

AV:

N/A

 

Sygate IDS:

N/A

CAN/CVE ID:

CVE-2007-5352

 

BID:

27099

 

Microsoft ID:

MS08-002

 

MSKB:

943485

 

Microsoft Rating:

Important

LSASS Bypass Vulnerability

 

Local Elevation of Privilege Vulnerability

 

This vulnerability affects the following products:

 

Windows XP SP2

Windows 2000

Windows Server 2003

This is an elevation of privilege vulnerability affecting LSASS.

A successful exploitation of this vulnerability will allow an attacker to take complete control of the vulnerable system

A local attacker may be able to exploit this issue by sending a malicious LPC message to the affected service and gain complete control of the affected computer.

Sig ID: N/A

AV:

N/A

 

Sygate IDS:

N/A



Legacy ID



2010030511372348


Article URL http://www.symantec.com/docs/TECH139967


Terms of use for this information are found in Legal Notices