ID de Prueba:	1.3.6.1.4.1.25623.1.0.832376
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Multiple Vulnerabilities (KB5029259)
Resumen:	This host is missing a critical security; update according to Microsoft KB5029259
Descripción:	Summary: This host is missing a critical security update according to Microsoft KB5029259 Vulnerability Insight: Multiple flaws exist due to: - A Remote Code Execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP). - A Remote Code Execution vulnerability in Microsoft Message Queuing. - A Remote Code Execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands, disclose information, bypass security restrictions, spoofing and conduct DoS attacks. Affected Software/OS: - Microsoft Windows 10 for 32-bit Systems - Microsoft Windows 10 for x64-based Systems Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-38172 Microsoft Message Queuing Denial of Service Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172 Common Vulnerability Exposure (CVE) ID: CVE-2023-38184 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184 Common Vulnerability Exposure (CVE) ID: CVE-2023-35387 Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387 Common Vulnerability Exposure (CVE) ID: CVE-2023-35386 Windows Kernel Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35386 http://packetstormsecurity.com/files/174567/Microsoft-Windows-Kernel-Integer-Overflow-Out-Of-Bounds-Read.html Common Vulnerability Exposure (CVE) ID: CVE-2023-35385 Microsoft Message Queuing Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385 Common Vulnerability Exposure (CVE) ID: CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384 Common Vulnerability Exposure (CVE) ID: CVE-2023-35383 Microsoft Message Queuing Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383 Common Vulnerability Exposure (CVE) ID: CVE-2023-35380 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380 Common Vulnerability Exposure (CVE) ID: CVE-2023-35377 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377 Common Vulnerability Exposure (CVE) ID: CVE-2023-38254 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254 Common Vulnerability Exposure (CVE) ID: CVE-2023-36913 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913 Common Vulnerability Exposure (CVE) ID: CVE-2023-36911 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911 Common Vulnerability Exposure (CVE) ID: CVE-2023-36907 Windows Cryptographic Services Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907 Common Vulnerability Exposure (CVE) ID: CVE-2023-36889 Windows Group Policy Security Feature Bypass Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889 Common Vulnerability Exposure (CVE) ID: CVE-2023-35381 Windows Fax Service Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381 Common Vulnerability Exposure (CVE) ID: CVE-2023-35376 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376 Common Vulnerability Exposure (CVE) ID: CVE-2023-36912 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912 Common Vulnerability Exposure (CVE) ID: CVE-2023-36910 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910 Common Vulnerability Exposure (CVE) ID: CVE-2023-36909 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909 Common Vulnerability Exposure (CVE) ID: CVE-2023-36908 Windows Hyper-V Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908 Common Vulnerability Exposure (CVE) ID: CVE-2023-36906 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906 Common Vulnerability Exposure (CVE) ID: CVE-2023-36905 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905 Common Vulnerability Exposure (CVE) ID: CVE-2023-36903 Windows System Assessment Tool Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903 Common Vulnerability Exposure (CVE) ID: CVE-2023-20569 Debian Security Information: DSA-5475 (Google Search) https://www.debian.org/security/2023/dsa-5475 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/ https://comsec.ethz.ch/research/microarch/inception/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005 https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html http://www.openwall.com/lists/oss-security/2023/08/08/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-36900 Windows Common Log File System Driver Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900 Common Vulnerability Exposure (CVE) ID: CVE-2023-36882 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882 Common Vulnerability Exposure (CVE) ID: CVE-2023-35359 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359 http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html Common Vulnerability Exposure (CVE) ID: CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 http://seclists.org/fulldisclosure/2023/Jul/43
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.