ID de Prueba:	1.3.6.1.4.1.25623.1.0.900233
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft SMB Multiple RCE Vulnerabilities (958687) - Active Check
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS09-001.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-001. Vulnerability Insight: The issue is due to the way Server Message Block (SMB) Protocol software handles specially crafted SMB packets. Vulnerability Impact: Successful exploitation could allow remote unauthenticated attackers to cause denying the service by sending a specially crafted network message to a system running the server service. Affected Software/OS: - Microsoft Windows 2K Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4114 BugTraq ID: 31179 http://www.securityfocus.com/bid/31179 Bugtraq: 20080914 Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS (Google Search) http://www.securityfocus.com/archive/1/496354/100/0/threaded Cert/CC Advisory: TA09-013A http://www.us-cert.gov/cas/techalerts/TA09-013A.html https://www.exploit-db.com/exploits/6463 http://www.reversemode.com/index.php?option=com_content&task=view&id=54&Itemid=1 http://www.vallejo.cc/proyectos/vista_SMB_write_DoS.htm Microsoft Security Bulletin: MS09-001 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6044 http://www.securitytracker.com/id?1020887 http://secunia.com/advisories/31883 http://www.vupen.com/english/advisories/2008/2583 XForce ISS Database: win-writeandx-dos(45146) https://exchange.xforce.ibmcloud.com/vulnerabilities/45146 Common Vulnerability Exposure (CVE) ID: CVE-2008-4834 BugTraq ID: 33121 http://www.securityfocus.com/bid/33121 Bugtraq: 20090113 ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/500012/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-001/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5863 http://www.securitytracker.com/id?1021560 http://www.vupen.com/english/advisories/2009/0116 Common Vulnerability Exposure (CVE) ID: CVE-2008-4835 BugTraq ID: 33122 http://www.securityfocus.com/bid/33122 Bugtraq: 20090113 ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/500013/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-002/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5248
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.