CVE-2008-4114: CVE-2008-4114

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-4114

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows SMB WRITE_ANDX处理拒绝服务漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Windows是微软发布的非常流行的操作系统。 Windows的srv.sys驱动处理畸形WRITE_ANDX SMB报文的方式存在内核拒绝服务漏洞，如果未经认证的远程攻击者能够向使用命名管道端点的接口发送WRITE_ANDX报文的话，就可以触发这个漏洞。 Srv.sys是用于处理SMB报文的驱动。报文被解析后，会通过合适的驱动路由。以下是srv.sys解析报文某些重要字段的方式： Módulo: srv.sys Vista SP1 PAGE:00048583 movzx ecx, word ptr [e

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-4114

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-4114

Please Login to view more intelligence information

http://www.vallejo.cc/proyectos/vista_SMB_write_DoS.htmx_refsource_MISC
http://www.reversemode.com/index.php?option=com_content&task=view&id=54&Itemid=1x_refsource_MISC
https://www.exploit-db.com/exploits/6463exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/31883third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/31179vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1020887vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001vendor-advisoryx_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA09-013A.htmlthird-party-advisoryx_refsource_CERT
http://www.vupen.com/english/advisories/2008/2583vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/45146vdb-entryx_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5262vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6044vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/496354/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2008-4114

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2008-4114

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2008-4114

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-4114

III. Intelligence Information for CVE-2008-4114

New Vulnerabilities

V. Comments for CVE-2008-4114

Leave a comment