Test Kennung:	1.3.6.1.4.1.25623.1.0.900069
Kategorie:	Windows : Microsoft Bulletins
Titel:	Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS09-001.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-001. Vulnerability Insight: The issue is due to the way Server Message Block (SMB) Protocol software handles specially crafted SMB packets. Vulnerability Impact: Successful exploitation could allow remote unauthenticated attackers to cause denying the service by sending a specially crafted network message to a system running the server service. Affected Software/OS: - Microsoft Windows 2K Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4114 BugTraq ID: 31179 http://www.securityfocus.com/bid/31179 Bugtraq: 20080914 Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS (Google Search) http://www.securityfocus.com/archive/1/496354/100/0/threaded Cert/CC Advisory: TA09-013A http://www.us-cert.gov/cas/techalerts/TA09-013A.html https://www.exploit-db.com/exploits/6463 http://www.reversemode.com/index.php?option=com_content&task=view&id=54&Itemid=1 http://www.vallejo.cc/proyectos/vista_SMB_write_DoS.htm Microsoft Security Bulletin: MS09-001 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6044 http://www.securitytracker.com/id?1020887 http://secunia.com/advisories/31883 http://www.vupen.com/english/advisories/2008/2583 XForce ISS Database: win-writeandx-dos(45146) https://exchange.xforce.ibmcloud.com/vulnerabilities/45146 Common Vulnerability Exposure (CVE) ID: CVE-2008-4834 BugTraq ID: 33121 http://www.securityfocus.com/bid/33121 Bugtraq: 20090113 ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/500012/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-001/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5863 http://www.securitytracker.com/id?1021560 http://www.vupen.com/english/advisories/2009/0116 Common Vulnerability Exposure (CVE) ID: CVE-2008-4835 BugTraq ID: 33122 http://www.securityfocus.com/bid/33122 Bugtraq: 20090113 ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/500013/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-002/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5248
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.