CVE-2008-4250

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP1 and SP2 Microsoft Windows Vista Gold and SP1 Microsoft Windows Server 2008 Microsoft Windows 7 Pre-Beta Windows Embedded Standard 2009

Description The issue is related to a remote code execution vulnerability in the Server service, which can be exploited by sending a specially crafted RPC request. This vulnerability was exploited in the wild by Gimmiv.A in October 2008. The problem lies in the improper handling of path canonicalization, leading to a buffer overflow. This can result in the execution of arbitrary code or denial of service. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Microsoft Windows 2000 SP4, update to a newer version to mitigate the risk. For Microsoft Windows XP SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 SP1 and SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008, update to a newer version to mitigate the risk. For Microsoft Windows 7 Pre-Beta, update to a newer version to mitigate the risk. For Windows Embedded Standard 2009, consider disabling the NetprPathCanonicalize function in the netapi32.dll module as a temporary workaround until a patch is available. Restrict access to the C:WindowsSystem32 directory to minimize the risk of exploitation. Avoid using the NetprPathCanonicalize function until the issue is resolved.