Windows : Microsoft Bulletins : Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902337

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS11-011.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS11-011.

Vulnerability Insight:
The flaws are due to

- an integer truncation error in the Windows kernel that does not properly
validate user-supplied data before allocating memory.

- a buffer overflow error in the 'win32k.sys' driver when interacting with
the Windows kernel.

Vulnerability Impact:
Successful exploitation will allow remote attackers or malicious users to
execute arbitrary code with kernel privileges.

Affected Software/OS:
- Microsoft Windows 7

- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows 2K3 Service Pack 2 and prior

- Microsoft Windows Vista Service Pack 2 and prior

- Microsoft Windows Server 2008 Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4398
BugTraq ID: 45045
http://www.securityfocus.com/bid/45045
CERT/CC vulnerability note: VU#529673
http://www.kb.cert.org/vuls/id/529673
http://www.exploit-db.com/exploits/15609/
http://isc.sans.edu/diary.html?storyid=9988
http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/
http://twitter.com/msftsecresponse/statuses/7590788200402945
http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/
Microsoft Security Bulletin: MS11-011
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12162
http://www.securitytracker.com/id?1025046
http://secunia.com/advisories/42356
http://www.vupen.com/english/advisories/2011/0324
Common Vulnerability Exposure (CVE) ID: CVE-2011-0045
BugTraq ID: 46136
http://www.securityfocus.com/bid/46136
Bugtraq: 20110208 ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/516276/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-11-064
http://osvdb.org/70823
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11996
http://securityreason.com/securityalert/8110
XForce ISS Database: ms-win-kernel-privilege-escalation(64926)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64926

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902337
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS11-011.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-011. Vulnerability Insight: The flaws are due to - an integer truncation error in the Windows kernel that does not properly validate user-supplied data before allocating memory. - a buffer overflow error in the 'win32k.sys' driver when interacting with the Windows kernel. Vulnerability Impact: Successful exploitation will allow remote attackers or malicious users to execute arbitrary code with kernel privileges. Affected Software/OS: - Microsoft Windows 7 - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2K3 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 2 and prior - Microsoft Windows Server 2008 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4398 BugTraq ID: 45045 http://www.securityfocus.com/bid/45045 CERT/CC vulnerability note: VU#529673 http://www.kb.cert.org/vuls/id/529673 http://www.exploit-db.com/exploits/15609/ http://isc.sans.edu/diary.html?storyid=9988 http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/ http://twitter.com/msftsecresponse/statuses/7590788200402945 http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/ Microsoft Security Bulletin: MS11-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12162 http://www.securitytracker.com/id?1025046 http://secunia.com/advisories/42356 http://www.vupen.com/english/advisories/2011/0324 Common Vulnerability Exposure (CVE) ID: CVE-2011-0045 BugTraq ID: 46136 http://www.securityfocus.com/bid/46136 Bugtraq: 20110208 ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516276/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-11-064 http://osvdb.org/70823 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11996 http://securityreason.com/securityalert/8110 XForce ISS Database: ms-win-kernel-privilege-escalation(64926) https://exchange.xforce.ibmcloud.com/vulnerabilities/64926
Copyright	Copyright (C) 2011 Greenbone AG