Detections
Analytics

SMBv2 Remote Code Execution Vulnerability (942624)

critical Nessus Network Monitor Plugin ID 4332

Synopsis

It is possible to execute code on the remote host.

Description

The remote version of Windows contains a version of SMBv2 (Server Message Block) protocol that is vulnerable to several vulnerabilities. An attacker may exploit these flaws to elevate privileges and gain control of the remote host.

Solution

Microsoft has released a set of patches for Windows Vista :

See Also

http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx

Plugin Details

Severity: Critical

ID: 4332

Family: Generic

Published: 1/7/2008

Updated: 3/6/2019

Nessus ID: 29855

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows_vista

Reference Information

CVE: CVE-2007-5351

BID: 26777