Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.805125 |
Kategorie: | Windows : Microsoft Bulletins |
Titel: | Microsoft Windows Application Compatibility Cache Privilege Escalation (3023266) |
Zusammenfassung: | This host is missing an important security; update according to Microsoft Bulletin MS15-001. |
Beschreibung: | Summary: This host is missing an important security update according to Microsoft Bulletin MS15-001. Vulnerability Insight: Flaw is due to the impersonation token of a caller is not properly checked when determining if an administrator or not. Vulnerability Impact: Successful exploitation will allow local attacker to bypass the authorization check to create cache entries and in turn gain escalated privileges on the system. Affected Software/OS: - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows 8 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/R2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
BugTraq ID: 71972 Common Vulnerability Exposure (CVE) ID: CVE-2015-0002 http://www.securityfocus.com/bid/71972 http://twitter.com/sambowne/statuses/550384131683520512 http://www.zdnet.com/article/google-discloses-unpatched-windows-vulnerability/ https://code.google.com/p/google-security-research/issues/detail?id=118 Microsoft Security Bulletin: MS15-001 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-001 http://secunia.com/advisories/61277 XForce ISS Database: ms-appcompatcache-cve20150002-priv-esc(99523) https://exchange.xforce.ibmcloud.com/vulnerabilities/99523 XForce ISS Database: win-ms15kb3023266-update(99524) https://exchange.xforce.ibmcloud.com/vulnerabilities/99524 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |