Test Kennung:	1.3.6.1.4.1.25623.1.0.900087
Kategorie:	Windows : Microsoft Bulletins
Titel:	Vulnerability in SChannel Could Allow Spoofing (960225)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS09-007.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-007. Vulnerability Insight: Spoofing flaw exists in the Microsoft Windows SChannel (Secure Channel) authentication component when using certificate based authentication. Vulnerability Impact: Attacker who successfully exploited would be able to authenticate to a server using only an authorized user's digital certificate and without the associated private key. Affected Software/OS: - Microsoft Windows 2K Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 1 and prior - Microsoft Windows Server 2008 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:C/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0085 Cert/CC Advisory: TA09-069A http://www.us-cert.gov/cas/techalerts/TA09-069A.html Microsoft Security Bulletin: MS09-007 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-007 http://osvdb.org/52521 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6011 http://www.securitytracker.com/id?1021828 http://secunia.com/advisories/34215 http://www.vupen.com/english/advisories/2009/0660
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.