=====================================================================
                             CERT-Renater

                 Information Note No. 2008/VULN035
_____________________________________________________________________

DATE                 : 13/02/2008

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Windows XP, Windows Server 2003, Windows Vista
                       running WebDAV Mini-Redirector.

======================================================================

MS08-007 - Critical - Vulnerability in WebDAV Mini-Redirector Could
Allow Remote Code Execution (946026)

Published: February 12, 2008
Version: 1.0

This critical security update resolves one privately reported
vulnerability in the WebDAV Mini-Redirector. An attacker who
successfully exploited this vulnerability could take complete control
of an affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.

Affected Software

  o Windows XP Service Pack 2
  o Windows XP Professional x64 Edition and Windows XP Professional
    x64 Edition Service Pack 2
  o Windows Server 2003 Service Pack 1 and Windows Server 2003
    Service Pack 2
  o Windows Server 2003 x64 Edition and Windows 2003 Server x64
    Edition Service Pack 2
  o Windows Server 2003 with SP1 for Itanium-based Systems and
    Windows Server 2003 with SP2 for Itanium-based Systems
  o Windows Vista
  o Windows Vista x64 Edition

Vulnerability Information

Mini-Redirector Heap Overflow Vulnerability - CVE-2008-0080

A remote code execution vulnerability exists in the way that the
WebDAV Mini-Redirector handles responses. An attacker who
successfully exploited this vulnerability could take complete control
of an affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts.

Workarounds for Mini-Redirector Heap Overflow Vulnerability -
CVE-2008-0080

  o Disable the Web Client Service

======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER        | tel  : 01-53-94-20-44           +
+ 151 bd de l'Hopital | fax  : 01-53-94-20-41           +
+ 75013 Paris         | email: certsvp@renater.fr       +
=========================================================