| VID |
26225 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS06-051, KB917422) for 'Vulnerability in Windows Kernel' has not been applied. Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1 are vulnerable to two vulnerabilities in Microsoft Windows, which could be exploited by remote attackers to take complete control of an affected system or by malicious users to obtain elevated privileges.
- User Profile Elevation of Privilege Vulnerability (CVE-2006-3443): There is a privilege elevation vulnerability in the way that Windows 2000 starts applications.
- Unhandled Exception Vulnerability (CVE-2006-3648): There is a remote code execution vulnerability in the way that exception handling is managed on multiple applications that are resident in memory.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms06-051.mspx
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
http://www.kb.cert.org/vuls/id/411516
http://www.kb.cert.org/vuls/id/337244
http://www.frsirt.com/english/advisories/2006/3216
http://secunia.com/advisories/21417
http://securitytracker.com/id?1016661
http://securitytracker.com/id?1016662
* Platforms Affected:
Microsoft Windows 2000 SP4
Microsoft Windows XP SP1, SP2
Microsoft Windows Server 2003 SP1 |
| Recommendation |
Apply the appropriate patch (KB917422) for your system, as listed in Microsoft Security Bulletin MS06-051 at http://www.microsoft.com/technet/security/bulletin/ms06-051.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2006-3086,CVE-2006-3438 (CVE) |
| Related URL |
19405 (SecurityFocus) |
| Related URL |
27224,28020,28022 (ISS) |
|
