Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMB:REFLECTION

Severity

 Medium

Recommended

 No

Category

 SMB

Keywords

 MS08-068

Release Date

 2008/11/13

Update Number

 1312

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMB: Reflection Attack


This anomaly triggers if it detects an SMB reflection attack. A successful attack can result in remote code execution.

Extended Description

Microsoft Windows is prone to a vulnerability that could let attackers replay NTLM credentials over the SMB protocol. A successful exploit would let an attacker execute arbitrary code in the context of the affected user.

Affected Products

  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Avaya Messaging Application Server
  • HP Storage Management Appliance 2.1
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows Server 2003 SP1
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 Itanium SP1
  • Microsoft Windows Server 2003 Itanium SP2
  • Microsoft Windows Server 2003 Standard Edition SP1
  • Microsoft Windows Server 2003 Standard Edition SP2
  • Microsoft Windows Server 2003 Standard x64 Edition
  • Microsoft Windows Server 2003 Web Edition SP1
  • Microsoft Windows Server 2003 Web Edition SP2
  • Microsoft Windows Server 2003 x64 SP2
  • Microsoft Windows Server 2008 Datacenter Edition
  • Microsoft Windows Server 2008 Enterprise Edition
  • Microsoft Windows Server 2008 for 32-bit Systems
  • Microsoft Windows Server 2008 for Itanium-based Systems
  • Microsoft Windows Server 2008 for x64-based Systems
  • Microsoft Windows Server 2008 Standard Edition
  • Microsoft Windows Vista Business
  • Microsoft Windows Vista Business SP1
  • Microsoft Windows Vista Enterprise
  • Microsoft Windows Vista Enterprise SP1
  • Microsoft Windows Vista Home Basic
  • Microsoft Windows Vista Home Basic SP1
  • Microsoft Windows Vista Home Premium
  • Microsoft Windows Vista Home Premium SP1
  • Microsoft Windows Vista Ultimate
  • Microsoft Windows Vista Ultimate SP1
  • Microsoft Windows Vista x64 Edition SP1
  • Microsoft Windows Vista x64 Edition
  • Microsoft Windows XP Home SP2
  • Microsoft Windows XP Home SP3
  • Microsoft Windows XP Media Center Edition SP2
  • Microsoft Windows XP Media Center Edition SP3
  • Microsoft Windows XP Professional SP2
  • Microsoft Windows XP Professional SP3
  • Microsoft Windows XP Professional x64 Edition SP2
  • Microsoft Windows XP Professional x64 Edition

References

  • BugTraq: 7385
  • CVE: CVE-2008-4037
  • URL: http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out