Windows : Microsoft Bulletins : Double Pulsar Infection Detect

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.810698

Categoría: Windows : Microsoft Bulletins

Título: Double Pulsar Infection Detect

Resumen: This host is vulnerable to the 'Eternalblue' tool attack and is; prone to a remote code execution (RCE) vulnerability.

Descripción: Summary:
This host is vulnerable to the 'Eternalblue' tool attack and is
prone to a remote code execution (RCE) vulnerability.

Vulnerability Insight:
An SMBv1 (Server Message Block 1.0) exploit
that could trigger a RCE in older versions of Windows dubbed as 'ETERNALBLUE'
has been discovered in latest dump of NSA Tools. One covert channel, 'double
pulsar', is designed to particular for systems that are vulnerable to Eternalblue.
The covert channel uses SMB features that have so far been not used, in
particular, the 'Trans2' feature.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to execute arbitrary code on the affected system. Failed attacks
will cause denial of service conditions.

Affected Software/OS:
All Windows Platforms from Windows XP
through Windows 2012

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-0146
BugTraq ID: 96707
http://www.securityfocus.com/bid/96707
https://www.exploit-db.com/exploits/41891/
https://www.exploit-db.com/exploits/41987/
https://www.exploit-db.com/exploits/43970/
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
http://www.securitytracker.com/id/1037991
Common Vulnerability Exposure (CVE) ID: CVE-2017-0147
BugTraq ID: 96709
http://www.securityfocus.com/bid/96709

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.810698
Categoría:	Windows : Microsoft Bulletins
Título:	Double Pulsar Infection Detect
Resumen:	This host is vulnerable to the 'Eternalblue' tool attack and is; prone to a remote code execution (RCE) vulnerability.
Descripción:	Summary: This host is vulnerable to the 'Eternalblue' tool attack and is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: An SMBv1 (Server Message Block 1.0) exploit that could trigger a RCE in older versions of Windows dubbed as 'ETERNALBLUE' has been discovered in latest dump of NSA Tools. One covert channel, 'double pulsar', is designed to particular for systems that are vulnerable to Eternalblue. The covert channel uses SMB features that have so far been not used, in particular, the 'Trans2' feature. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code on the affected system. Failed attacks will cause denial of service conditions. Affected Software/OS: All Windows Platforms from Windows XP through Windows 2012 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0146 BugTraq ID: 96707 http://www.securityfocus.com/bid/96707 https://www.exploit-db.com/exploits/41891/ https://www.exploit-db.com/exploits/41987/ https://www.exploit-db.com/exploits/43970/ http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 http://www.securitytracker.com/id/1037991 Common Vulnerability Exposure (CVE) ID: CVE-2017-0147 BugTraq ID: 96709 http://www.securityfocus.com/bid/96709
Copyright	Copyright (C) 2017 Greenbone AG