 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.900055 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Server Service Could Allow Remote Code Execution Vulnerability (958644) |
| Zusammenfassung: | This host is missing a critical security update according to; Microsoft Bulletin MS08-067. |
| Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-067. Vulnerability Insight: Flaw is due to an error in the Server Service, that does not properly handle specially crafted RPC requests. Vulnerability Impact: Successful exploitation could allow remote attackers to take complete control of an affected system. Variants of Conficker worm are based on the above described vulnerability. More details regarding the worm and means to resolve this can be found at the linked references. Affected Software/OS: - Microsoft Windows 2K Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 1 and prior - Microsoft Windows 2008 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-4250 BugTraq ID: 31874 http://www.securityfocus.com/bid/31874 Bugtraq: 20081026 Windows RPC MS08-067 FAQ document released (Google Search) http://www.securityfocus.com/archive/1/497808/100/0/threaded Bugtraq: 20081027 Windows RPC MS08-067 FAQ document updated (Google Search) http://www.securityfocus.com/archive/1/497816/100/0/threaded Cert/CC Advisory: TA08-297A http://www.us-cert.gov/cas/techalerts/TA08-297A.html Cert/CC Advisory: TA09-088A http://www.us-cert.gov/cas/techalerts/TA09-088A.html CERT/CC vulnerability note: VU#827267 http://www.kb.cert.org/vuls/id/827267 https://www.exploit-db.com/exploits/6824 https://www.exploit-db.com/exploits/6841 https://www.exploit-db.com/exploits/7104 https://www.exploit-db.com/exploits/7132 HPdes Security Advisory: HPSBST02386 http://marc.info/?l=bugtraq&m=122703006921213&w=2 HPdes Security Advisory: SSRT080164 http://blogs.securiteam.com/index.php/archives/1150 Microsoft Security Bulletin: MS08-067 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093 http://www.securitytracker.com/id?1021091 http://secunia.com/advisories/32326 http://www.vupen.com/english/advisories/2008/2902 XForce ISS Database: win-server-rpc-code-execution(46040) https://exchange.xforce.ibmcloud.com/vulnerabilities/46040 |
| Copyright | Copyright (C) 2008 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |