|
Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121) Vulnerability Scan
Vulnerability Scan Summary Acertains the parameters of the remote TFTP server
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host through TFTPF.
Description :
The remote host is running a version of TFTPD installed by the Remote Installation
Service which allows everyone to overwritte files on the remote host.
A possible hacker may exploit this flaw to replace SYSTEM files and execute arbitrary code
on this host.
Solution :
Microsoft has released a set of patches for Windows 2000 :
http://www.microsoft.com/technet/security/bulletin/ms06-077.mspx
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|