Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.14818
Kategorie:Windows
Titel:Possible GDI+ compromise
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

It is possible to log into the remote host as user 'X' with a blank password

This probably indicates that an attacker exploited one of the
flaws described in MS04-028 with a widely available exploit.

Information on the exploit is available here:
http://seclists.org/lists/fulldisclosure/2004/Sep/0840.html

Information on the patch is available here:
http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx

Solution : Re-install this host, as it has been compromised
Risk factor : Critical

Querverweis: Common Vulnerability Exposure (CVE) ID: CAN-2004-0200
Bugtraq: 20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (Google Search)
http://marc.info/?l=bugtraq&m=109524346729948&w=2
Cert/CC Advisory: TA04-260A
http://www.us-cert.gov/cas/techalerts/TA04-260A.html
CERT/CC vulnerability note: VU#297462
http://www.kb.cert.org/vuls/id/297462
Microsoft Security Bulletin: MS04-028
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307
XForce ISS Database: win-jpeg-bo(16304)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16304
CopyrightThis script is Copyright (C) 2004 Jeff Adams

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.