Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) - Nessus

Critical   Plugin ID: 108811

This page contains detailed information about the Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.

Table Of Contents
hide

Plugin Overview

ID: 108811
Name: Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)
Filename: win_server_2008_ntlm_pci.nasl
Vulnerability Published: N/A
This Plugin Published: 2018-04-03
Last Modification Time: 2020-08-05
Plugin Version: 1.9
Plugin Type: remote
Plugin Family: Windows
Dependencies: smtp_ntlm_info.nasl
Required KB Items [?]: Settings/ParanoidReport, Settings/PCI_DSS

Vulnerability Information

Severity: Critical
Vulnerability Published: N/A
Patch Published: N/A
CVE [?]: CVE-2008-0015, CVE-2008-0020, CVE-2008-4038, CVE-2008-4114, CVE-2008-4250, CVE-2008-4609, CVE-2008-4835, CVE-2009-0086, CVE-2009-0089, CVE-2009-0550, CVE-2009-0901, CVE-2009-1925, CVE-2009-1926, CVE-2009-1930, CVE-2009-2493, CVE-2009-2494, CVE-2009-2505, CVE-2009-3676, CVE-2009-3677, CVE-2009-3678, CVE-2010-0020, CVE-2010-0021, CVE-2010-0022, CVE-2010-0231, CVE-2010-0239, CVE-2010-0240, CVE-2010-0241, CVE-2010-0242, CVE-2010-0269, CVE-2010-0270, CVE-2010-0476, CVE-2010-0477, CVE-2010-1263, CVE-2010-2550, CVE-2010-2551, CVE-2010-2552
CPE [?]: N/A
Exploited by Malware: True

Synopsis

The remote host may allow remote code execution.

Description

According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution.

Solution

Ensure the appropriate patches have been applied.

Public Exploits

Target Network Port(s): 25
Target Asset(s): Services/smtp
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub, Immunity Canvas, Core Impact)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) vulnerability:

  1. Metasploit: exploit/windows/browser/msvidctl_mpeg2
    [Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption]
  2. Metasploit: exploit/windows/smb/ms08_067_netapi
    [MS08-067 Microsoft Server Service Relative Path Stack Corruption]
  3. Metasploit: auxiliary/dos/windows/smb/ms09_001_write
    [Microsoft SRV.SYS WriteAndX Invalid DataOffset]
  4. Metasploit: auxiliary/dos/windows/smb/ms10_054_queryfs_pool_overflow
    [Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS]
  5. Exploit-DB: exploits/windows/dos/6463.rb
    [EDB-6463: Microsoft Windows - 'WRITE_ANDX' SMB Command Handling Kernel Denial of Service (Metasploit)]
  6. Exploit-DB: exploits/windows/dos/6824.txt
    [EDB-6824: Microsoft Windows Server - Code Execution (PoC) (MS08-067)]
  7. Exploit-DB: exploits/windows/dos/12273.py
    [EDB-12273: Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)]
  8. Exploit-DB: exploits/windows/dos/14607.py
    [EDB-14607: Microsoft - SMB Server Trans2 Zero Size Pool Alloc (MS10-054)]
  9. Exploit-DB: exploits/windows/local/16615.rb
    [EDB-16615: Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit)]
  10. Exploit-DB: exploits/windows/remote/7104.c
    [EDB-7104: Microsoft Windows Server - Code Execution (MS08-067)]
  11. Exploit-DB: exploits/windows/remote/7132.py
    [EDB-7132: Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)]
  12. Exploit-DB: exploits/windows/remote/9108.py
    [EDB-9108: Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow]
  13. Exploit-DB: exploits/windows/remote/15266.txt
    [EDB-15266: Microsoft Windows - NTLM Weak Nonce (MS10-012)]
  14. Exploit-DB: exploits/windows/remote/16362.rb
    [EDB-16362: Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) (Metasploit)]
  15. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2008-4038]
  16. GitHub: https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API
    [CVE-2008-4114]
  17. GitHub: https://github.com/3hydraking/MS08_067_CVE-2008-4250
    [CVE-2008-4250: ms08_067 ( Python3 Script)]
  18. GitHub: https://github.com/4070E034/gank
    [CVE-2008-4250]
  19. GitHub: https://github.com/4070E071/nmap
    [CVE-2008-4250]
  20. GitHub: https://github.com/Al1ex/WindowsElevation
    [CVE-2008-4250]
  21. GitHub: https://github.com/ArcadeHustle/X3_USB_softmod
    [CVE-2008-4250]
  22. GitHub: https://github.com/Ascotbe/Kernelhub
    [CVE-2008-4250]
  23. GitHub: https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups
    [CVE-2008-4250]
  24. GitHub: https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API
    [CVE-2008-4250]
  25. GitHub: https://github.com/SexyBeast233/SecBooks
    [CVE-2008-4250]
  26. GitHub: https://github.com/gwyomarch/Legacy-HTB-Writeup-FR
    [CVE-2008-4250]
  27. GitHub: https://github.com/k4u5h41/MS08_067_CVE-2008-4250
    [CVE-2008-4250: Ms08_067 ( Python3 Script)]
  28. GitHub: https://github.com/miguelvelazco/coffee-saver
    [CVE-2008-4250]
  29. GitHub: https://github.com/morkin1792/security-tests
    [CVE-2008-4250]
  30. GitHub: https://github.com/nanotechz9l/cvesearch
    [CVE-2008-4250]
  31. GitHub: https://github.com/notsag-dev/htb-legacy
    [CVE-2008-4250]
  32. GitHub: https://github.com/shashihacks/OSCP
    [CVE-2008-4250]
  33. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2008-4250]
  34. GitHub: https://github.com/ycdxsb/WindowsPrivilegeEscalation
    [CVE-2008-4250]
  35. GitHub: https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API
    [CVE-2008-4835]
  36. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2008-4835]
  37. GitHub: https://github.com/aRustyDev/C844
    [CVE-2009-3676]
  38. GitHub: https://github.com/Al1ex/WindowsElevation
    [CVE-2010-0020]
  39. GitHub: https://github.com/Amnesthesia/EHAPT-Group-Project
    [CVE-2010-0020]
  40. GitHub: https://github.com/Ascotbe/Kernelhub
    [CVE-2010-0020]
  41. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-0020]
  42. GitHub: https://github.com/ycdxsb/WindowsPrivilegeEscalation
    [CVE-2010-0020]
  43. GitHub: https://github.com/Amnesthesia/EHAPT-Group-Project
    [CVE-2010-0021]
  44. GitHub: https://github.com/aRustyDev/C844
    [CVE-2010-0021]
  45. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-0021]
  46. GitHub: https://github.com/Amnesthesia/EHAPT-Group-Project
    [CVE-2010-0022]
  47. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-0022]
  48. GitHub: https://github.com/Amnesthesia/EHAPT-Group-Project
    [CVE-2010-0231]
  49. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-0231]
  50. GitHub: https://github.com/aRustyDev/C844
    [CVE-2010-0269]
  51. GitHub: https://github.com/Ascotbe/Kernelhub
    [CVE-2010-0270]
  52. GitHub: https://github.com/aRustyDev/C844
    [CVE-2010-0270]
  53. GitHub: https://github.com/ycdxsb/WindowsPrivilegeEscalation
    [CVE-2010-0270]
  54. GitHub: https://github.com/aRustyDev/C844
    [CVE-2010-0476]
  55. GitHub: https://github.com/aRustyDev/C844
    [CVE-2010-0477]
  56. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-2550]
  57. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-2551]
  58. GitHub: https://github.com/uroboros-security/SMB-CVE
    [CVE-2010-2552]
  59. GitHub: https://github.com/offensive-security/exploitdb-bin-sploits/blob/master/bin-sploits/6824.zip
    [EDB-6824]
  60. GitHub: https://github.com/4n0nym0u5dk/MS08_067_CVE-2008-4250
    [CVE-2008-4250: Ms08_067 ( Python3 Script)]
  61. GitHub: https://github.com/thunderstrike9090/Conflicker_analysis_scripts
    [CVE-2008-4250: Scripts to analyze conflicker worm which exploits famous netapi vulnerability ...]
  62. GitHub: https://github.com/marcelki/sockstress
    [CVE-2008-4609: Sockstress (CVE-2008-4609) DDoS implementation written in Go]
  63. Immunity Canvas: CANVAS

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information

CVSS Score Source [?]: CVE-2008-4038
CVSS V2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:ND/RC:C
CVSS Base Score:10.0 (High)
Impact Subscore:10.0
Exploitability Subscore:10.0
CVSS Temporal Score:10.0 (High)
CVSS Environmental Score:NA (None)
Modified Impact Subscore:NA
Overall CVSS Score:10.0 (High)
CVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:X/RC:C
CVSS Base Score:9.8 (Critical)
Impact Subscore:5.9
Exploitability Subscore:3.9
CVSS Temporal Score:9.8 (Critical)
CVSS Environmental Score:NA (None)
Modified Impact Subscore:NA
Overall CVSS Score:9.8 (Critical)
STIG Severity [?]: I
STIG Risk Rating: High

Go back to menu.

Plugin Source

This is the win_server_2008_ntlm_pci.nasl nessus plugin source code. This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(108811);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/05");

  script_cve_id(
    "CVE-2008-0015",
    "CVE-2008-0020",
    "CVE-2008-4038",
    "CVE-2008-4114",
    "CVE-2008-4250",
    "CVE-2008-4609",
    "CVE-2008-4835",
    "CVE-2009-0086",
    "CVE-2009-0089",
    "CVE-2009-0550",
    "CVE-2009-0901",
    "CVE-2009-1925",
    "CVE-2009-1926",
    "CVE-2009-1930",
    "CVE-2009-2493",
    "CVE-2009-2494",
    "CVE-2009-2505",
    "CVE-2009-3676",
    "CVE-2009-3677",
    "CVE-2009-3678",
    "CVE-2010-0020",
    "CVE-2010-0021",
    "CVE-2010-0022",
    "CVE-2010-0231",
    "CVE-2010-0239",
    "CVE-2010-0240",
    "CVE-2010-0241",
    "CVE-2010-0242",
    "CVE-2010-0269",
    "CVE-2010-0270",
    "CVE-2010-0476",
    "CVE-2010-0477",
    "CVE-2010-1263",
    "CVE-2010-2550",
    "CVE-2010-2551",
    "CVE-2010-2552"
  );
  script_bugtraq_id(
    31179,
    31545,
    31647,
    31874,
    33121,
    33122,
    34435,
    34437,
    34439,
    35558,
    35585,
    35828,
    35832,
    35982,
    35993,
    36265,
    36269,
    36989,
    37197,
    37198,
    38049,
    38051,
    38054,
    38061,
    38062,
    38063,
    38064,
    38085,
    39312,
    39336,
    39339,
    39340,
    40237,
    40574,
    42224,
    42263,
    42267
  );
  script_xref(name:"CERT", value:"827267");
  script_xref(name:"IAVA", value:"2008-A-0081-S");
  script_xref(name:"IAVA", value:"2009-A-0077-S");
  script_xref(name:"IAVA", value:"2009-A-0126-S");
  script_xref(name:"IAVA", value:"2010-A-0030-S");
  script_xref(name:"IAVB", value:"2009-B-0037-S");
  script_xref(name:"CERT", value:"180513");
  script_xref(name:"CERT", value:"456745");
  script_xref(name:"EDB-ID", value:"6463");
  script_xref(name:"EDB-ID", value:"6824");
  script_xref(name:"EDB-ID", value:"7104");
  script_xref(name:"EDB-ID", value:"7132");
  script_xref(name:"EDB-ID", value:"9108");
  script_xref(name:"EDB-ID", value:"16615");
  script_xref(name:"EDB-ID", value:"14607");
  script_xref(name:"MSFT", value:"MS08-063");
  script_xref(name:"MSFT", value:"MS08-067");
  script_xref(name:"MSFT", value:"MS09-001");
  script_xref(name:"MSFT", value:"MS09-013");
  script_xref(name:"MSFT", value:"MS09-037");
  script_xref(name:"MSFT", value:"MS09-042");
  script_xref(name:"MSFT", value:"MS09-048");
  script_xref(name:"MSFT", value:"MS09-071");
  script_xref(name:"MSFT", value:"MS10-009");
  script_xref(name:"MSFT", value:"MS10-012");
  script_xref(name:"MSFT", value:"MS10-020");
  script_xref(name:"MSFT", value:"MS10-043");
  script_xref(name:"MSFT", value:"MS10-054");
  script_xref(name:"MSFT", value:"MS10-083");
  script_xref(name:"MSKB", value:"957095");
  script_xref(name:"MSKB", value:"958644");
  script_xref(name:"MSKB", value:"958687");
  script_xref(name:"MSKB", value:"960803");
  script_xref(name:"MSKB", value:"967723");
  script_xref(name:"MSKB", value:"960859");
  script_xref(name:"MSKB", value:"973354");
  script_xref(name:"MSKB", value:"973507");
  script_xref(name:"MSKB", value:"973540");
  script_xref(name:"MSKB", value:"973815");
  script_xref(name:"MSKB", value:"973869");
  script_xref(name:"MSKB", value:"974318");
  script_xref(name:"MSKB", value:"971468");
  script_xref(name:"MSKB", value:"974145");
  script_xref(name:"MSKB", value:"980232");
  script_xref(name:"MSKB", value:"979687");
  script_xref(name:"MSKB", value:"982214");
  script_xref(name:"MSKB", value:"2032276");

  script_name(english:"Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)");
  script_summary(english:"Checks the OS version number");

  script_set_attribute(attribute:"synopsis", value:
"The remote host may allow remote code execution.");
  script_set_attribute(attribute:"description", value:
"According to the version number obtained by NTLM the
remote host has Windows Server 2008 installed. The host
may be vulnerable to a number of vulnerabilities including
remote unauthenticated code execution.");
  script_set_attribute(attribute:"solution", value:
"Ensure the appropriate patches have been applied.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:ND/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:X/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-4038");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');
  script_cwe_id(16, 20, 94, 119, 189, 255, 264, 287, 310, 362, 399);

  script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/03");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smtp_ntlm_info.nasl");
  script_require_keys("Settings/ParanoidReport", "Settings/PCI_DSS");
  script_require_ports("Services/smtp", 25);

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("smtp_func.inc");
include("audit.inc");

if (!get_kb_item("Settings/PCI_DSS"))
{
  audit(AUDIT_PCI);
}

if (report_paranoia < 2)
{
  audit(AUDIT_PARANOID);
}

port = get_kb_item_or_exit("Services/smtp");
os_version = get_kb_item_or_exit("smtp/"+port+"/ntlm/host/os_version");
if (os_version != "6.0.6001")
{
  audit(AUDIT_OS_SP_NOT_VULN);
}

security_report_v4(severity:SECURITY_HOLE, port:port);
exit(0);

The latest version of this script can be found in these locations depending on your platform:

  • Linux / Unix:
    /opt/nessus/lib/nessus/plugins/win_server_2008_ntlm_pci.nasl
  • Windows:
    C:\ProgramData\Tenable\Nessus\nessus\plugins\win_server_2008_ntlm_pci.nasl
  • Mac OS X:
    /Library/Nessus/run/lib/nessus/plugins/win_server_2008_ntlm_pci.nasl

Go back to menu.

How to Run

Here is how to run the Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

  1. Click to start a New Scan.
  2. Select Advanced Scan.
  3. Navigate to the Plugins tab.
  4. On the top right corner click to Disable All plugins.
  5. On the left side table select Windows plugin family.
  6. On the right side table select Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) plugin ID 108811.
  7. Specify the target on the Settings tab and click to Save the scan.
  8. Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl win_server_2008_ntlm_pci.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a win_server_2008_ntlm_pci.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - win_server_2008_ntlm_pci.nasl -t <IP/HOST>

Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state win_server_2008_ntlm_pci.nasl -t <IP/HOST>

Go back to menu.

References

BID | SecurityFocus Bugtraq ID: MSKB | Microsoft Knowledge Base: MSFT | Microsoft Security Bulletin:
  • MS08-063, MS08-067, MS09-001, MS09-013, MS09-037, MS09-042, MS09-048, MS09-071, MS10-009, MS10-012, MS10-020, MS10-043, MS10-054, MS10-083
IAVA | Information Assurance Vulnerability Alert:
  • 2008-A-0081-S, 2009-A-0077-S, 2009-A-0126-S, 2010-A-0030-S
IAVB | Information Assurance Vulnerability Bulletin:
  • 2009-B-0037-S
CERT | Computer Emergency Response Team: CWE | Common Weakness Enumeration:
  • CWE-16 (Category) Configuration
  • CWE-20 (Weakness) Improper Input Validation
  • CWE-94 (Weakness) Improper Control of Generation of Code ('Code Injection')
  • CWE-119 (Weakness) Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-189 (Category) Numeric Errors
  • CWE-255 (Category) Credentials Management Errors
  • CWE-264 (Category) Permissions, Privileges, and Access Controls
  • CWE-287 (Weakness) Improper Authentication
  • CWE-310 (Category) Cryptographic Issues
  • CWE-362 (Weakness) Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-399 (Category) Resource Management Errors
See also: Similar and related Nessus plugins:
  • 49038 - TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products - Cisco Systems
  • 78121 - F5 Networks BIG-IP : Sockstress DoS tool vulnerability (SOL10509)
  • 40434 - Flash Player < 9.0.246.0 / 10.0.32.18 Multiple Vulnerabilities (APSB09-10)
  • 44922 - FreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)
  • 44597 - Sun OpenOffice.org < 3.2 Multiple Vulnerabilities
  • 34821 - MS08-067: Vulnerability in Server Service Could Allow Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check / IPS)
  • 34477 - MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check)
  • 35362 - MS09-001: Microsoft Windows SMB Vulnerabilities Remote Code Execution (958687) (uncredentialed check)
  • 47556 - MS10-012: Vulnerabilities in SMB Could Allow Remote Code Execution (971468) (uncredentialed check)
  • 39622 - MS09-032: Cumulative Security Update of ActiveX Kill Bits (973346)
  • 34408 - MS08-063: Microsoft Windows SMB File Name Handling Remote Underflow (957095)
  • 34476 - MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution (958644) (ECLIPSEDWING)
  • 35361 - MS09-001: Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
  • 36152 - MS09-014: Cumulative Security Update for Internet Explorer (963027)
  • 40556 - MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
  • 40891 - MS09-048: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
  • 43064 - MS09-072: Cumulative Security Update for Internet Explorer (976325)
  • 44422 - MS10-012: Vulnerabilities in SMB Could Allow Remote Code Execution (971468)
  • 45507 - MS10-020: Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
  • 48291 - MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
  • 48405 - MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) (remote check)
  • 40488 - openSUSE Security Update : flash-player (flash-player-1148)
  • 40489 - openSUSE Security Update : flash-player (flash-player-1148)
  • 41392 - SuSE 11 Security Update : flash-player (SAT Patch Number 1149)
  • 43599 - SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12564)
  • 51731 - SuSE 10 Security Update : flash-player (ZYPP Patch Number 6386)
  • 42001 - openSUSE 10 Security Update : flash-player (flash-player-6387)
  • 43822 - SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6740)
  • 49863 - SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6741)
  • 122927 - Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
  • 132101 - Windows Speculative Execution Configuration Check
  • 152100 - Windows SeriousSAM HiveNightmare Registry Read Vulnerability
  • 139239 - Windows Security Feature Bypass in Secure Boot (BootHole)
  • 108808 - Microsoft IIS 7.0 Vulnerabilities (uncredentialed) (PCI/DSS)

Version

This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file win_server_2008_ntlm_pci.nasl version 1.9. For more plugins, visit the Nessus Plugin Library.

Go back to menu.