This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host due to a flaw in the
The version of the Print Spooler service on the remote Windows host is
affected by one or more of the following vulnerabilities :
- A buffer overflow vulnerability could allow an
unauthenticated, remote attacker to execute arbitrary
code with SYSTEM privileges. (CVE-2009-0228)
- Using a specially crafted separator page, a local user
can read or print any file on the affected system.
- Using a specially crafted RPC message, a user who has
the 'Manage Printer' privilege can have the spooler
load an arbitrary DLL and thereby execute arbitrary
code with elevated privileges. (CVE-2009-0230)
See also :
Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista and 2008.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true