CVE-2018-8476
N/A
N/A
Summary
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft | Windows Server 2012 R2 | (Server Core installation) | affected |
| Microsoft | Windows Server 2008 | 32-bit Systems Service Pack 2 | affected |
| Microsoft | Windows Server 2008 | 32-bit Systems Service Pack 2 (Server Core installation) | affected |
| Microsoft | Windows Server 2008 | Itanium-Based Systems Service Pack 2 | affected |
| Microsoft | Windows Server 2008 | x64-based Systems Service Pack 2 | affected |
| Microsoft | Windows Server 2008 | x64-based Systems Service Pack 2 (Server Core installation) | affected |
| Microsoft | Windows Server 2012 | (Server Core installation) | affected |
| Microsoft | Windows Server 2019 | (Server Core installation) | affected |
| Microsoft | Windows Server 2016 | (Server Core installation) | affected |
| Microsoft | Windows Server 2008 R2 | Itanium-Based Systems Service Pack 1 | affected |
| Microsoft | Windows Server 2008 R2 | x64-based Systems Service Pack 1 | affected |
| Microsoft | Windows Server 2008 R2 | x64-based Systems Service Pack 1 (Server Core installation) | affected |
| Microsoft | Windows 10 Servers | version 1803 (Server Core Installation) | affected |
Weaknesses
- Remote Code Execution
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1042109
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476
- http://www.securityfocus.com/bid/105774
- https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/
References
- http://www.securitytracker.com/id/1042109
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476
- http://www.securityfocus.com/bid/105774
- https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.