Vulnerability Details : CVE-2008-4114
Public exploit exists!
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability."
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-4114
Probability of exploitation activity in the next 30 days: 11.14%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 %
Metasploit modules for CVE-2008-4114
- Microsoft SRV.SYS WriteAndX Invalid DataOffset
  First seen: 2020-04-26
  Module: auxiliary/dos/windows/smb/ms09_001_write
  This module exploits a denial of service vulnerability in the SRV.SYS driver of the Windows operating system. This module has been tested successfully against Windows Vista.
  Authors: j.v.vallejo <j.v.vallejo@gmail.com>
CVSS scores for CVE-2008-4114
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.1 | HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C | 8.6 | 6.9 | NIST |
CWE ids for CVE-2008-4114
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-4114
- http://www.securitytracker.com/id?1020887
- http://www.vupen.com/english/advisories/2008/2583 (Vendor Advisory)
- http://www.securityfocus.com/archive/1/496354/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45146
  Microsoft Windows WRITE_ANDX SMB packet denial of service CVE-2008-4114 Vulnerability Report
- http://www.vallejo.cc/proyectos/vista_SMB_write_DoS.htm (Exploit)
- http://www.reversemode.com/index.php?option=com_content&task=view&id=54&Itemid=1 (Exploit)
- https://www.exploit-db.com/exploits/6463
  Microsoft Windows - 'WRITE_ANDX' SMB Command Handling Kernel Denial of Service (Metasploit) - Windows dos Exploit
- http://secunia.com/advisories/31883 (Vendor Advisory)
- http://www.securityfocus.com/bid/31179 (Exploit)
  Microsoft Windows WRITE_ANDX SMB Processing Remote Denial Of Service Vulnerability
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5262
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6044
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001
  Microsoft Security Bulletin MS09-001 - Critical | Microsoft Learn
- http://www.us-cert.gov/cas/techalerts/TA09-013A.html (US Government Resource)
  Microsoft Updates for Multiple SMB Protocol Vulnerabilities | CISA
Products affected by CVE-2008-4114
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:sp1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*