1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. OS Attack: MSRPC Server Service RPC CVE-2008-4250 2

OS Attack: MSRPC Server Service RPC CVE-2008-4250 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in the Server Service on Windows systems which may result in remote code execution.

Additional Information

A remote code execution vulnerability exists in the Server service on Windows systems. The vulnerability is due to the service not properly handling specially crafted RPC requests. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-4250.

Affected

  • Microsoft Windows 2000 Service Pack 4
  • Windows XP Service Pack 2 and Windows XP Service Pack 3
  • Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista and Windows Vista Service Pack 1
  • Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
  • Windows Server 2008 for 32-bit Systems*
  • Windows Server 2008 for x64-based Systems*
  • Windows Server 2008 for Itanium-based Systems

Response

Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube