 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.900273 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062) |
| Resumen: | This host is missing a critical security update according to Microsoft; Bulletin MS11-017. |
| Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-017. Vulnerability Insight: The flaw is caused by the way Windows Remote Desktop Client handles loading of DLL files. Remote attacker can execute arbitrary code by tricking a user to open a legitimate Remote Desktop configuration file (.rdp) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Vulnerability Impact: Successful exploitation could allow authenticated attackers to execute arbitrary code with elevated privileges. Affected Software/OS: Remote Desktop Connection 5.2 Client - Windows XP Service Pack 3 and prior Remote Desktop Connection 6.0/6.1 Client - Windows XP Service Pack 3 - Windows Vista Service Pack 2 and prior - Windows Server 2003 Service Pack 2 and prior - Windows Server 2008 Service Pack 2 and prior Remote Desktop Connection 7.0 Client - Windows 7 - Windows XP Service Pack 3 and prior - Windows Vista Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0029 Cert/CC Advisory: TA11-067A http://www.us-cert.gov/cas/techalerts/TA11-067A.html Microsoft Security Bulletin: MS11-017 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-017 http://osvdb.org/71014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12480 http://www.securitytracker.com/id?1025172 http://secunia.com/advisories/43628 http://www.vupen.com/english/advisories/2011/0616 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |