 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.808085 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Web Proxy Auto Discovery (WPAD) Privilege Elevation Vulnerabilities (3165191) |
| Resumen: | This host is missing an important security; update according to Microsoft Bulletin MS16-077. |
| Descripción: | Summary: This host is missing an important security update according to Microsoft Bulletin MS16-077. Vulnerability Insight: Multiple flaws exist due to: - when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. - when Microsoft Windows improperly handles certain proxy discovery scenarios using the Web Proxy Auto Discovery (WPAD) protocol method. - when NetBIOS improperly handles responses. Vulnerability Impact: Successful exploitation will allow an attacker to bypass security and gain elevated privileges on a targeted system, and to potentially access and control network traffic for which the attacker does not have sufficient privileges. Affected Software/OS: - Microsoft Windows Vista x32/x64 Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Service Pack 2 - Microsoft Windows 7 x32/x64 Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Service Pack 1 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-3213 Microsoft Security Bulletin: MS16-063 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 Microsoft Security Bulletin: MS16-077 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-077 http://www.securitytracker.com/id/1036096 http://www.securitytracker.com/id/1036104 Common Vulnerability Exposure (CVE) ID: CVE-2016-3236 Common Vulnerability Exposure (CVE) ID: CVE-2016-3299 BugTraq ID: 92387 http://www.securityfocus.com/bid/92387 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |