vendor:
Windows Vista
by:
Microsoft
8.1
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: Windows Vista
Affected Version From: Windows Vista
Affected Version To: Windows Server 2008
Patch Exists: YES
Related CWE: CVE-2017-0143
CPE: o:microsoft:windows_vista
Other Scripts:
https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/smb/ms17_010_eternalblue, https://www.infosecmatter.com/nessus-plugin-library/?id=97833, https://www.infosecmatter.com/nessus-plugin-library/?id=97737, https://www.infosecmatter.com/nmap-nse-library/?nse=smb-vuln-ms17-010, https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/smb/ms17_010_psexec, https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/smb/smb_doublepulsar_rce, https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/scanner/smb/smb_ms17_010, https://www.infosecmatter.com/nessus-plugin-library/?id=100103, https://www.infosecmatter.com/nessus-plugin-library/?id=102774, https://www.infosecmatter.com/nessus-plugin-library/?id=102998
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2017
Microsoft Windows SMBv2.0 Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the Microsoft Server Message Block 2.0 (SMBv2) protocol due to improper handling of certain requests. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Mitigation:
Microsoft has released a security update to address this vulnerability.