NVD Vulnerability Detail

CVE-2008-4037

Summary	Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
Summary	Se presenta una vulnerabilidad en Microsoft Windows 2000 Gold hasta SP4, XP Gold hasta SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 permite a los servidores SMB remotos ejecutar código arbitrario en una maquina cliente mediante la reproducción de las credenciales NTLM de un usuario cliente, como se demuestra. por backrush, también se conoce como "SMB Credential Reflection Vulnerability." . NOTA: algunas fuentes confiables informan que esta vulnerabilidad existe debido a una corrección insuficiente para CVE-2000-0834.
Publication Date	Nov. 13, 2008, 8:30 a.m.
Registration Date	Jan. 29, 2021, 1:42 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	はい
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows:server_2003:sp1::::::
cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:::::*
cpe:2.3:o:microsoft:windows:server_2003:sp2::::::
cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:::::*
cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:::::*
cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:::::*
cpe:2.3:o:microsoft:windows:xp:sp2::::::
cpe:2.3:o:microsoft:windows:xp:sp2:x64:::::*
cpe:2.3:o:microsoft:windows:xp:sp3::::::
cpe:2.3:o:microsoft:windows:xp:unknown:x64:::::*
cpe:2.3:o:microsoft:windows_2000:-:sp4::::::
cpe:2.3:o:microsoft:windows_server_2008:-::itanium:::::
cpe:2.3:o:microsoft:windows_server_2008:-::x32:::::
cpe:2.3:o:microsoft:windows_server_2008:-::x64:::::
cpe:2.3:o:microsoft:windows_vista:-:::::::*
cpe:2.3:o:microsoft:windows_vista:-::x64:::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::

Related information, measures and tools

No	URL	refsource
1	http://marc.info/?l=bugtraq&m=122703006921213&w=2	secure@microsoft.com
2	http://osvdb.org/49736	secure@microsoft.com
3	http://secunia.com/advisories/32633	secure@microsoft.com
4	http://securitytracker.com/id?1021163	secure@microsoft.com
5	http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html	secure@microsoft.com
6	http://www.securityfocus.com/bid/7385	secure@microsoft.com
7	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch	secure@microsoft.com
8	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README	secure@microsoft.com
9	http://www.us-cert.gov/cas/techalerts/TA08-316A.html	secure@microsoft.com
10	http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/	secure@microsoft.com
11	http://www.vupen.com/english/advisories/2008/3110	secure@microsoft.com
12	http://www.xfocus.net/articles/200305/smbrelay.html	secure@microsoft.com
13	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068	secure@microsoft.com
14	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012	secure@microsoft.com
15	https://www.exploit-db.com/exploits/7125	secure@microsoft.com
16	http://marc.info/?l=bugtraq&m=122703006921213&w=2	af854a3a-2127-422b-91ae-364da2661108
17	http://osvdb.org/49736	af854a3a-2127-422b-91ae-364da2661108
18	http://secunia.com/advisories/32633	af854a3a-2127-422b-91ae-364da2661108
19	http://securitytracker.com/id?1021163	af854a3a-2127-422b-91ae-364da2661108
20	http://www.networkworld.com/news/2008/111208-microsoft-seven-year-security-patch.html	af854a3a-2127-422b-91ae-364da2661108
21	http://www.securityfocus.com/bid/7385	af854a3a-2127-422b-91ae-364da2661108
22	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch	af854a3a-2127-422b-91ae-364da2661108
23	http://www.securityfocus.com/data/vulnerabilities/exploits/backrush.patch.README	af854a3a-2127-422b-91ae-364da2661108
24	http://www.us-cert.gov/cas/techalerts/TA08-316A.html	af854a3a-2127-422b-91ae-364da2661108
25	http://www.veracode.com/blog/2008/11/microsoft-fixes-8-year-old-design-flaw-in-smb/	af854a3a-2127-422b-91ae-364da2661108
26	http://www.vupen.com/english/advisories/2008/3110	af854a3a-2127-422b-91ae-364da2661108
27	http://www.xfocus.net/articles/200305/smbrelay.html	af854a3a-2127-422b-91ae-364da2661108
28	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-068	af854a3a-2127-422b-91ae-364da2661108
29	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6012	af854a3a-2127-422b-91ae-364da2661108
30	https://www.exploit-db.com/exploits/7125	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows:server_2003:sp1::::::
cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:::::*
cpe:2.3:o:microsoft:windows:server_2003:sp2::::::
cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:::::*
cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:::::*
cpe:2.3:o:microsoft:windows:server_2003:unknown:x64:::::*
cpe:2.3:o:microsoft:windows:xp:sp2::::::
cpe:2.3:o:microsoft:windows:xp:sp2:x64:::::*
cpe:2.3:o:microsoft:windows:xp:sp3::::::
cpe:2.3:o:microsoft:windows:xp:unknown:x64:::::*
cpe:2.3:o:microsoft:windows_2000:-:sp4::::::
cpe:2.3:o:microsoft:windows_server_2008:-::itanium:::::
cpe:2.3:o:microsoft:windows_server_2008:-::x32:::::
cpe:2.3:o:microsoft:windows_server_2008:-::x64:::::
cpe:2.3:o:microsoft:windows_vista:-:::::::*
cpe:2.3:o:microsoft:windows_vista:-::x64:::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::