 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.801706 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities (941644) |
| Zusammenfassung: | This host is missing a critical security update according to; Microsoft Bulletin MS08-001. |
| Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-001. Vulnerability Insight: The flaws are due to an errors in the kernel's TCP/IP implementation, - when handling 'IGMPv3' and 'MLDv2' queries can be exploited to cause a buffer overflow. - when handling fragmented router advertisement ICMP queries. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Successful exploitation will allow an attacker to compromise the affected system. Affected Software/OS: - Microsoft Windows XP Service Pack 2 and prior - Microsoft Windows 2000 Service Pack 4 and prior - Microsoft Windows 2K3 Service Pack 2 and prior - Microsoft Windows Vista Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Querverweis: |
BugTraq ID: 27100 BugTraq ID: 27139 Common Vulnerability Exposure (CVE) ID: CVE-2007-0069 http://www.securityfocus.com/bid/27100 Cert/CC Advisory: TA08-008A http://www.us-cert.gov/cas/techalerts/TA08-008A.html CERT/CC vulnerability note: VU#115083 http://www.kb.cert.org/vuls/id/115083 HPdes Security Advisory: HPSBST02304 http://www.securityfocus.com/archive/1/486317/100/0/threaded HPdes Security Advisory: SSRT080003 ISS Security Advisory: 20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities http://www.iss.net/threats/282.html http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-3-the-case-of-the-igmp-network-critical.aspx Microsoft Security Bulletin: MS08-001 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5370 http://securitytracker.com/id?1019166 http://secunia.com/advisories/28297 http://www.vupen.com/english/advisories/2008/0069 XForce ISS Database: win-ssm-igmp-bo(39452) https://exchange.xforce.ibmcloud.com/vulnerabilities/39452 XForce ISS Database: win-ssm-mld-bo(39453) https://exchange.xforce.ibmcloud.com/vulnerabilities/39453 Common Vulnerability Exposure (CVE) ID: CVE-2007-0066 http://www.securityfocus.com/bid/27139 http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5271 XForce ISS Database: win-tcpip-icmp-dos(39254) https://exchange.xforce.ibmcloud.com/vulnerabilities/39254 |
| Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |