MS08-047: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.

Synopsis :

The remote host IPsec policy processing could lead to information

Description :

The remote version of Windows contains a bug in its IPsec
implementation which might lead to information disclosure.

Specifically, when importing a Windows Server 2003 IPsec policy into a
Windows Server 2008 domain, the system could ignore the IPsec policies
and transmit the traffic in cleartext.

See also :

Solution :

Microsoft has released a set of patches for Windows Vista and Server

Risk factor :

Medium / CVSS Base Score : 5.4
CVSS Temporal Score : 4.5
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 33876 ()

Bugtraq ID: 30634

CVE ID: CVE-2008-2246