Windows : Microsoft Bulletins : Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.902232

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886)

Zusammenfassung: This host is missing a critical security update according to; Microsoft Bulletin MS10-058.

Beschreibung: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS10-058.

Vulnerability Insight:
Multiple flaws exist due to:

- An integer overflow error in the Windows 'TCP/IP' stack when handling data
copied from user mode, which could be exploited by malicious users to execute
arbitrary code with elevated privileges.

- An error in the Windows Networking stack when processing malformed packets,
which could be exploited by remote attackers to cause an affected system
to stop responding.

Vulnerability Impact:
Successful exploitation could allow remote attackers to cause a denial of service
or by local attackers to gain elevated privileges.

Affected Software/OS:
- Microsoft Windows 7

- Microsoft Windows Vista Service Pack 1/2 and prior

- Microsoft Windows Server 2008 Service Pack 1/2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-1892
Cert/CC Advisory: TA10-222A
http://www.us-cert.gov/cas/techalerts/TA10-222A.html
Microsoft Security Bulletin: MS10-058
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11845
Common Vulnerability Exposure (CVE) ID: CVE-2010-1893
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12087

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.902232
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS10-058.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-058. Vulnerability Insight: Multiple flaws exist due to: - An integer overflow error in the Windows 'TCP/IP' stack when handling data copied from user mode, which could be exploited by malicious users to execute arbitrary code with elevated privileges. - An error in the Windows Networking stack when processing malformed packets, which could be exploited by remote attackers to cause an affected system to stop responding. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a denial of service or by local attackers to gain elevated privileges. Affected Software/OS: - Microsoft Windows 7 - Microsoft Windows Vista Service Pack 1/2 and prior - Microsoft Windows Server 2008 Service Pack 1/2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1892 Cert/CC Advisory: TA10-222A http://www.us-cert.gov/cas/techalerts/TA10-222A.html Microsoft Security Bulletin: MS10-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-058 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11845 Common Vulnerability Exposure (CVE) ID: CVE-2010-1893 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12087
Copyright	Copyright (C) 2010 Greenbone Networks GmbH