cvelistv5 - cve-2008-1440

CVE-2008-1440 (GCVE-0-2008-1440)

Vulnerability from cvelistv5

Published

2008-06-12 01:30

Modified

2024-08-07 08:24

Severity ?

CWE

Summary

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the "PGM Invalid Length Vulnerability."

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036	vendor-advisory, x_refsource_MS
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2008/1783	vdb-entry, x_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA08-162B.html	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/30587	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/29508	vdb-entry, x_refsource_BID
	http://securitytracker.com/id?1020230	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:24:42.638Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS08-036",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036"
          },
          {
            "name": "oval:org.mitre.oval:def:5473",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473"
          },
          {
            "name": "ADV-2008-1783",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1783"
          },
          {
            "name": "TA08-162B",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
          },
          {
            "name": "30587",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30587"
          },
          {
            "name": "29508",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29508"
          },
          {
            "name": "1020230",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020230"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the \"PGM Invalid Length Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS08-036",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036"
        },
        {
          "name": "oval:org.mitre.oval:def:5473",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473"
        },
        {
          "name": "ADV-2008-1783",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1783"
        },
        {
          "name": "TA08-162B",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
        },
        {
          "name": "30587",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30587"
        },
        {
          "name": "29508",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29508"
        },
        {
          "name": "1020230",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020230"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-1440",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the \"PGM Invalid Length Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS08-036",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036"
            },
            {
              "name": "oval:org.mitre.oval:def:5473",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473"
            },
            {
              "name": "ADV-2008-1783",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1783"
            },
            {
              "name": "TA08-162B",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
            },
            {
              "name": "30587",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30587"
            },
            {
              "name": "29508",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29508"
            },
            {
              "name": "1020230",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020230"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-1440",
    "datePublished": "2008-06-12T01:30:00.000Z",
    "dateReserved": "2008-03-21T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:24:42.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2008-AVI-306

Vulnerability from certfr_avis

Deux vulnérabilités ont été identifiées dans la mise en œuvre du protocole PGM (Pragmatic General Multicast) du système d'exploitation Windows. Elles peuvent être exploitées par des personnes malveillantes distantes afin de perturber le fonctionnement du système et en particulier ses communications réseau.

Description

Deux vulnérabilités ont été identifiées dans la mise en œuvre du protocole PGM (Pragmatic General Multicast) du système d'exploitation Windows : elles concernent le champ précisant la longueur des options et l'option de fragmentation.

Ce protocole peut être utilisé pour la diffusion en groupes ou multicast et s'appuie sur le principe des accusés de réception négatifs (NACK) pour signaler des données qui n'ont pas été reçues. Il porte le numéro protocolaire 113 dans l'en-tête IP. Il n'est pas activé par défaut. Il peut cependant l'être si le service MSMQ (pour Microsoft Message Queuing est installé par exemple.

Une personne malveillante distante peut exploiter l'une de ces vulnérabilités par le biais de trames spécialement construites afin de perturber les échanges réseau du système vulnérable.

Solution

Se référer au bulletin de sécurité MS08-036 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 2003 Server (SP1 et SP2) pour systèmes Itanium ;
Microsoft	Windows	Windows Vista x64 Edition ;
Microsoft	Windows	Windows XP x64 Edition ;
Microsoft	Windows	Windows XP Service Pack 2 ;
Microsoft	Windows	Windows 2003 Server x64 Edition Service Pack 2 ;
Microsoft	Windows	Windows 2003 Server x64 Edition ;
Microsoft	Windows	Windows Vista x64 Edition Service Pack 1 ;
Microsoft	Windows	Windows 2008 Server (pour systèmes 32-bit, x64 et Itanium).
Microsoft	Windows	Windows XP Service Pack 3 ;
Microsoft	Windows	Windows 2003 Server Service Pack 2 ;
Microsoft	Windows	Windows Vista Service Pack 1 ;
Microsoft	Windows	Windows XP x64 Edition Service Pack 2 ;
Microsoft	Windows	Windows Vista ;
Microsoft	Windows	Windows 2003 Server Service Pack 1 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-036 du 10 juin 2008	None	vendor-advisory
RFC 3208, "PGM Reliable Transport Protocol Specification", décembre 2001 :	-	other
Bloc-notes de Microsoft détaillant le protocole PGM :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 2003 Server (SP1 et SP2) pour syst\u00e8mes Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2008 Server (pour syst\u00e8mes 32-bit, x64 et Itanium).",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans la mise en \u0153uvre du\nprotocole PGM (Pragmatic General Multicast) du syst\u00e8me d\u0027exploitation\nWindows : elles concernent le champ pr\u00e9cisant la longueur des options et\nl\u0027option de fragmentation.\n\nCe protocole peut \u00eatre utilis\u00e9 pour la diffusion en groupes ou multicast\net s\u0027appuie sur le principe des accus\u00e9s de r\u00e9ception n\u00e9gatifs (NACK)\npour signaler des donn\u00e9es qui n\u0027ont pas \u00e9t\u00e9 re\u00e7ues. Il porte le num\u00e9ro\nprotocolaire 113 dans l\u0027en-t\u00eate IP. Il n\u0027est pas activ\u00e9 par d\u00e9faut. Il\npeut cependant l\u0027\u00eatre si le service MSMQ (pour Microsoft Message Queuing\nest install\u00e9 par exemple.\n\nUne personne malveillante distante peut exploiter l\u0027une de ces\nvuln\u00e9rabilit\u00e9s par le biais de trames sp\u00e9cialement construites afin de\nperturber les \u00e9changes r\u00e9seau du syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-036 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-1441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1441"
    },
    {
      "name": "CVE-2008-1440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1440"
    }
  ],
  "initial_release_date": "2008-06-11T00:00:00",
  "last_revision_date": "2008-06-11T00:00:00",
  "links": [
    {
      "title": "RFC 3208, \"PGM Reliable Transport Protocol Specification\",    d\u00e9cembre 2001 :",
      "url": "http://www.ietf.org/rfc/rfc3208.txt"
    },
    {
      "title": "Bloc-notes de Microsoft d\u00e9taillant le protocole PGM :",
      "url": "http://blogs.technet.com/swi/archive/2008/06/10/ms08-036-pgm-what-is-pgm.aspx"
    }
  ],
  "reference": "CERTA-2008-AVI-306",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-06-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans la mise en \u0153uvre du\nprotocole PGM (\u003cspan class=\"textit\"\u003ePragmatic General Multicast\u003c/span\u003e)\ndu syst\u00e8me d\u0027exploitation Windows. Elles peuvent \u00eatre exploit\u00e9es par des\npersonnes malveillantes distantes afin de perturber le fonctionnement du\nsyst\u00e8me et en particulier ses communications r\u00e9seau.\n",
  "title": "Vuln\u00e9rabilit\u00e9s protocolaires dans Windows (PGM)",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-036 du 10 juin 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-036.mspx"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-1440 (GCVE-0-2008-1440)

Vulnerability from cvelistv5

CERTA-2008-AVI-306

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature