ID de Prueba:	1.3.6.1.4.1.25623.1.0.902660
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft SMB Transaction Parsing RCE Vulnerability
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS11-020.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-020. Vulnerability Insight: The flaw is due to improper validation of field in SMB request, which allows remote attackers to execute arbitrary code on the system by sending a malformed SMB request. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code on the system. Affected Software/OS: - Microsoft Windows 7 SP1 and prior - Microsoft Windows 2008 SP2 and prior - Microsoft Windows Vista SP2 and prior - Microsoft Windows 2008 R2 SP1 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0661 BugTraq ID: 47198 http://www.securityfocus.com/bid/47198 Cert/CC Advisory: TA11-102A http://www.us-cert.gov/cas/techalerts/TA11-102A.html Microsoft Security Bulletin: MS11-020 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-020 http://osvdb.org/71781 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12076 http://www.securitytracker.com/id?1025329 http://secunia.com/advisories/44072 http://www.vupen.com/english/advisories/2011/0939
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.