Microsoft Pragmatic General Multicast (PGM) Denial Of Service Vulnerability (950762) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS08-036.

Impact

Successful exploitation could allow remote attackers to cause a vulnerable system to become non-responsive. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms08-036.mspx

Insight

The flaw is due to the errors in Pragmatic General Multicast (PGM) protocol when handling PGM packets with an invalid option length field or fragment option.

Affected

Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2K3 Service Pack 2 and prior. Microsoft Windows Vista Service Pack 1 and prior. Microsoft Windows Server 2008 Service Pack 1 and prior.

References

http://secunia.com/advisories/30587
http://www.microsoft.com/technet/security/bulletin/ms08-036.mspx
http://www.vupen.com/english/advisories/2008/1783

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-1440, CVE-2008-1441
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Cumulative Security Update for Internet Explorer (961260)
Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)

Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability (950762)

Take action and discover your vulnerabilities