MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

high Nessus Plugin ID 33137

Synopsis

An unauthenticated attacker can crash the remote host.

Description

The remote version of Windows is affected by a vulnerability in the Pragmatic General Multicast protocol installed with the MSMQ service.

An attacker may exploit this flaw to crash the remote host remotely.

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista and 2008.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2008/ms08-036

Plugin Details

Severity: High

ID: 33137

File Name: smb_nt_ms08-036.nasl

Version: 1.29

Type: local

Agent: windows

Published: 6/10/2008

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 6/10/2008

Vulnerability Publication Date: 6/10/2008

Reference Information

CVE: CVE-2008-1440, CVE-2008-1441

BID: 29508, 29509

CWE: 20

MSFT: MS08-036

MSKB: 950762