CVE-2008-4037

Published: Nov 12, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.

Affected (17)

Products: Microsoft: Windows, Windows 2000, Windows Server 2008, Windows Vista

4 products

Windows Server 2008

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows	Version server_2003 sp1
Microsoft Windows	Version server_2003 sp1
Microsoft Windows	Version server_2003 sp2
Microsoft Windows	Version server_2003 sp2
Microsoft Windows	Version server_2003 sp2
Microsoft Windows	Version server_2003 unknown
Microsoft Windows	Version xp sp2
Microsoft Windows	Version xp sp2
Microsoft Windows	Version xp sp3
Microsoft Windows	Version xp unknown
Microsoft Windows 2000	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Vista	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (30)

http://marc.info/?l=bugtraq&m=122703006921213&w=2

Source: secure@microsoft.com

http://osvdb.org/49736

Source: secure@microsoft.com

http://secunia.com/advisories/32633

Source: secure@microsoft.com

Vendor Advisory

http://securitytracker.com/id?1021163

Source: secure@microsoft.com

http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html

Source: secure@microsoft.com

http://www.securityfocus.com/bid/7385

Source: secure@microsoft.com

ExploitPatch

http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch

Source: secure@microsoft.com

Exploit

http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README

Source: secure@microsoft.com

Exploit

http://www.us-cert.gov/cas/techalerts/TA08-316A.html

Source: secure@microsoft.com

US Government Resource

http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/

Source: secure@microsoft.com

http://www.vupen.com/english/advisories/2008/3110

Source: secure@microsoft.com

Vendor Advisory

http://www.xfocus.net/articles/200305/smbrelay.html

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012

Source: secure@microsoft.com

https://www.exploit-db.com/exploits/7125

Source: secure@microsoft.com

http://marc.info/?l=bugtraq&m=122703006921213&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/49736

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32633

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1021163

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/7385

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.us-cert.gov/cas/techalerts/TA08-316A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/3110

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.xfocus.net/articles/200305/smbrelay.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/7125

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.