ID de Prueba:	1.3.6.1.4.1.25623.1.0.902444
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Threat Management Gateway Firewall Client Remote Code Execution Vulnerability (2520426)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS11-040
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-040 Vulnerability Insight: The flaw is due to error when setting proper bounds to the 'NSPLookupServiceNext()' function, that allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Affected Software/OS: Microsoft Forefront Threat Management Gateway 2010 SP1 and prior. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1889 BugTraq ID: 48181 http://www.securityfocus.com/bid/48181 Microsoft Security Bulletin: MS11-040 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642 http://www.securitytracker.com/id?1025637 http://secunia.com/advisories/44857 XForce ISS Database: ms-tmg-firewall-bo(67736) https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.