Windows : Microsoft Bulletins : Microsoft Windows Telnet Service RCE Vulnerability-Remote (3020393)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.805039

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Telnet Service RCE Vulnerability-Remote (3020393)

Zusammenfassung: This host is missing a critical security; update according to Microsoft Bulletin MS15-002.

Beschreibung: Summary:
This host is missing a critical security
update according to Microsoft Bulletin MS15-002.

Vulnerability Insight:
The flaw is triggered as user-supplied input
is not properly validated. With a specially crafted telnet packet, a remote
attacker can cause a buffer overflow, resulting in a denial of service or
potentially allowing the execution of arbitrary code.

Vulnerability Impact:
Successful exploitation could allow remote
attackers to compromise the affected system.

Affected Software/OS:
- Microsoft Windows 8 x32/x64

- Microsoft Windows Server 2012/R2

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-0014
BugTraq ID: 71968
http://www.securityfocus.com/bid/71968
Microsoft Security Bulletin: MS15-002
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-002
http://www.securitytracker.com/id/1031523
http://secunia.com/advisories/61580
XForce ISS Database: ms-telnet-cve20150014-code-exec(99517)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99517
XForce ISS Database: win-ms15kb3020393-update(99518)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99518

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.805039
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Telnet Service RCE Vulnerability-Remote (3020393)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS15-002.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS15-002. Vulnerability Insight: The flaw is triggered as user-supplied input is not properly validated. With a specially crafted telnet packet, a remote attacker can cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. Vulnerability Impact: Successful exploitation could allow remote attackers to compromise the affected system. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows Server 2012/R2 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0014 BugTraq ID: 71968 http://www.securityfocus.com/bid/71968 Microsoft Security Bulletin: MS15-002 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-002 http://www.securitytracker.com/id/1031523 http://secunia.com/advisories/61580 XForce ISS Database: ms-telnet-cve20150014-code-exec(99517) https://exchange.xforce.ibmcloud.com/vulnerabilities/99517 XForce ISS Database: win-ms15kb3020393-update(99518) https://exchange.xforce.ibmcloud.com/vulnerabilities/99518
Copyright	Copyright (C) 2015 Greenbone AG