CVE-2007-2228
Vulnerability from cvelistv5
Published
2007-10-09 22:00
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:23:51.189Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html" }, { "name": "27153", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27153" }, { "name": "1018787", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018787" }, { "name": "25974", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25974" }, { "name": "HPSBST02280", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "SSRT071480", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "27134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27134" }, { "name": "20071010 ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded" }, { "name": "MS07-058", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058" }, { "name": "ADV-2007-3438", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3438" }, { "name": "oval:org.mitre.oval:def:2310", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310" }, { "name": "TA07-282A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-10-09T00:00:00", "descriptions": [ { "lang": "en", "value": "rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html" }, { "name": "27153", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27153" }, { "name": "1018787", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018787" }, { "name": "25974", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25974" }, { "name": "HPSBST02280", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "SSRT071480", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "27134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27134" }, { "name": "20071010 ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded" }, { "name": "MS07-058", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058" }, { "name": "ADV-2007-3438", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3438" }, { "name": "oval:org.mitre.oval:def:2310", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310" }, { "name": "TA07-282A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2007-2228", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html" }, { "name": "27153", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27153" }, { "name": "1018787", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018787" }, { "name": "25974", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25974" }, { "name": "HPSBST02280", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "SSRT071480", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "name": "27134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27134" }, { "name": "20071010 ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded" }, { "name": "MS07-058", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058" }, { "name": "ADV-2007-3438", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3438" }, { "name": "oval:org.mitre.oval:def:2310", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310" }, { "name": "TA07-282A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2007-2228", "datePublished": "2007-10-09T22:00:00", "dateReserved": "2007-04-24T00:00:00", "dateUpdated": "2024-08-07T13:23:51.189Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2007-2228\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2007-10-09T22:17:00.000\",\"lastModified\":\"2024-11-21T00:30:14.600\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak.\"},{\"lang\":\"es\",\"value\":\"En la biblioteca rpcrt4.dll (tambi\u00e9n conocida como la biblioteca de tiempo de ejecuci\u00f3n RPC) en Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 y SP2, Server 2003 x64 Edition y x64 Edition SP2, y Vista y Vista x64 Edition permiten que los atacantes remotos causar una denegaci\u00f3n de servicio (RPCSS servicio de parada y reinicio del sistema) por medio de una petici\u00f3n RPC que utiliza la autenticaci\u00f3n NTLMSSP PACKET con una firma de remolque de verificaci\u00f3n de valor cero, que conlleva una desreferencia no v\u00e1lida. NOTA: esto tambi\u00e9n afecta a Windows 2000 SP4, aunque el impacto es un filtrado de informaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"CD264C73-360E-414D-BE22-192F92E5A0A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE8F4276-4D97-480D-A542-FE9982FFD765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2978BF86-5A1A-438E-B81F-F360D0E30C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*\",\"matchCriteriaId\":\"6881476D-81A2-4DFD-AC77-82A8D08A0568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3852BB02-47A1-40B3-8E32-8D8891A53114\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:*:professional:*:*:*:*:*\",\"matchCriteriaId\":\"CC5A2998-AFD9-4AD3-BC47-E653345323AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/27134\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27153\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018787\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/482023/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/482366/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/482366/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/25974\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-282A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3438\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-07-055.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/27134\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27153\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482023/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482366/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482366/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-282A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-07-055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.