 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.902288 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Microsoft Kerberos Privilege Escalation Vulnerabilities (2496930) |
| Zusammenfassung: | This host is missing a critical security update according to Microsoft; Bulletin MS11-013. |
| Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-013. Vulnerability Insight: The flaws are due to: - An error in Kerberos implementation supporting weak hashing mechanisms such as CRC32. - An error in Kerberos that does not correctly enforce stronger default encryption standards. Vulnerability Impact: Successful exploitation could allow authenticated attackers to obtain a token with elevated privileges on the affected system and allows a man-in-the-middle attacker to force a downgrade in Kerberos communication between a client and server. Affected Software/OS: - Microsoft Windows 7 Service Pack 1 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0043 BugTraq ID: 46130 http://www.securityfocus.com/bid/46130 Microsoft Security Bulletin: MS11-013 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-013 http://osvdb.org/70834 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12432 http://www.securitytracker.com/id?1025048 http://secunia.com/advisories/43251 http://www.vupen.com/english/advisories/2011/0326 XForce ISS Database: ms-kerberos-checksum-privilege-escalation(64900) https://exchange.xforce.ibmcloud.com/vulnerabilities/64900 Common Vulnerability Exposure (CVE) ID: CVE-2011-0091 BugTraq ID: 46140 http://www.securityfocus.com/bid/46140 http://osvdb.org/70835 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12498 http://secunia.com/advisories/43257 XForce ISS Database: ms-kerberos-spoofing(64901) https://exchange.xforce.ibmcloud.com/vulnerabilities/64901 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |