Test Kennung:	1.3.6.1.4.1.25623.1.0.11215
Kategorie:	Windows : Microsoft Bulletins
Titel:	Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
Zusammenfassung:	The SMB signing capability in the Server Message Block; protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital; signing settings in an SMB session to force the data to be sent unsigned, then inject data; into the session without detection, e.g. by modifying group policy information sent from a; domain controller.
Beschreibung:	Summary: The SMB signing capability in the Server Message Block protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller. Affected Software/OS: - Microsoft Windows 2000 - Microsoft Windows XP Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1256 BugTraq ID: 6367 http://www.securityfocus.com/bid/6367 Microsoft Security Bulletin: MS02-070 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A277 XForce ISS Database: win-smb-policy-modification(10843) https://exchange.xforce.ibmcloud.com/vulnerabilities/10843
Copyright	Copyright (C) 2003 SECNAP Network Security

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.