MS11-019: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

Arbitrary code can be executed on the remote host through the installed
SMB client.

Description :

The version of the SMB client software installed on the remote Windows
host may be affected by multiple vulnerabilities which could allow an
attacker to execute arbitrary code on the remote host subject to the
privileges of the user running the affected software.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms11-019

Solution :

Microsoft has released a set of patches for Windows XP, 2003, Vista,
2008, 7, and 2008 R2.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 53376 ()

Bugtraq ID: 46360
47239

CVE ID: CVE-2011-0654
CVE-2011-0660