|
|
Family: Windows --> Category: infos
Microsoft Hotfix for KB835732 (SMB check) Vulnerability Scan
Vulnerability Scan Summary
Checks for Microsoft Hotfix KB835732 by talking to the remote SMB service
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
LSASS service.
Description :
The remote version of Windows contains a flaw in the function
DsRolerUpgradeDownlevelServer of the Local Security Authority
Server Service (LSASS) which may allow a possible hacker to execute
arbitrary code on the remote host with the SYSTEM rights.
A series of worms (Sasser) are known to exploit this vulnerability
in the wild.
Solution :
Microsoft has released a set of patches for Windows NT, 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
