 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.809093 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Windows Authentication Methods Multiple Vulnerabilities (3199173) |
| Resumen: | This host is missing an important security; update according to Microsoft Bulletin MS16-137. |
| Descripción: | Summary: This host is missing an important security update according to Microsoft Bulletin MS16-137. Vulnerability Insight: Multiple flaws exist due to: - The windows Virtual Secure Mode improperly handles objects in memory. - A denial of service vulnerability in the Local Security Authority Subsystem Service (LSASS). - The windows fails to properly handle NTLM password change requests. Vulnerability Impact: Successful exploitation will allow a locally-authenticated to read sensitive information on the target system, cause the target system to become non-responsive and elevate their permissions from unprivileged to administrator which thereby allows him/her to install programs, view, change or delete data, or create new accounts. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows 10 Version 1607 x32/x64 - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-7238 BugTraq ID: 94045 http://www.securityfocus.com/bid/94045 Microsoft Security Bulletin: MS16-137 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-137 http://www.securitytracker.com/id/1037249 Common Vulnerability Exposure (CVE) ID: CVE-2016-7237 BugTraq ID: 94040 http://www.securityfocus.com/bid/94040 https://www.exploit-db.com/exploits/40744/ Common Vulnerability Exposure (CVE) ID: CVE-2016-7220 BugTraq ID: 94036 http://www.securityfocus.com/bid/94036 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |