Test Kennung:	1.3.6.1.4.1.25623.1.0.902116
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
Zusammenfassung:	This host is missing a critical security update according to Microsoft; Bulletin MS10-011.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-011. Vulnerability Insight: The issue is caused by an error in the 'Client/Server Run-time Subsystem' (CSRSS) that does not properly terminate user processes when a user logs out. Vulnerability Impact: Successful exploitation could allow remote attackers to monitor all actions performed by other logged-in users or run arbitrary code in kernel mode. Affected Software/OS: - Microsoft Windows 2000 Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 38098 Common Vulnerability Exposure (CVE) ID: CVE-2010-0023 Cert/CC Advisory: TA10-040A http://www.us-cert.gov/cas/techalerts/TA10-040A.html Microsoft Security Bulletin: MS10-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8304 http://secunia.com/advisories/38509
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.