Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)

critical Nessus Plugin ID 108811

Synopsis

The remote host may allow remote code execution.

Description

According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution.

Solution

Ensure the appropriate patches have been applied.

Plugin Details

Severity: Critical

ID: 108811

File Name: win_server_2008_ntlm_pci.nasl

Version: 1.9

Type: remote

Agent: windows

Family: Windows

Published: 4/3/2018

Updated: 8/5/2020

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.6

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2008-4038

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:X/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport, Settings/PCI_DSS

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption)

Reference Information

CVE: CVE-2008-0015, CVE-2008-0020, CVE-2008-4038, CVE-2008-4114, CVE-2008-4250, CVE-2008-4609, CVE-2008-4835, CVE-2009-0086, CVE-2009-0089, CVE-2009-0550, CVE-2009-0901, CVE-2009-1925, CVE-2009-1926, CVE-2009-1930, CVE-2009-2493, CVE-2009-2494, CVE-2009-2505, CVE-2009-3676, CVE-2009-3677, CVE-2009-3678, CVE-2010-0020, CVE-2010-0021, CVE-2010-0022, CVE-2010-0231, CVE-2010-0239, CVE-2010-0240, CVE-2010-0241, CVE-2010-0242, CVE-2010-0269, CVE-2010-0270, CVE-2010-0476, CVE-2010-0477, CVE-2010-1263, CVE-2010-2550, CVE-2010-2551, CVE-2010-2552

BID: 38063, 38064, 38085, 39312, 39336, 39339, 39340, 40237, 40574, 42224, 42263, 42267, 31179, 31545, 31647, 31874, 33121, 33122, 34435, 34437, 34439, 35558, 35585, 35828, 35832, 35982, 35993, 36265, 36269, 36989, 37197, 37198, 38049, 38051, 38054, 38061, 38062

CWE: 119, 16, 189, 20, 255, 264, 287, 310, 362, 399, 94

CERT: 180513, 456745, 827267

IAVA: 2008-A-0081-S, 2009-A-0077-S, 2009-A-0126-S, 2010-A-0030-S

IAVB: 2009-B-0037-S

MSFT: MS08-063, MS08-067, MS09-001, MS09-013, MS09-037, MS09-042, MS09-048, MS09-071, MS10-009, MS10-012, MS10-020, MS10-043, MS10-054, MS10-083

MSKB: 2032276, 957095, 958644, 958687, 960803, 960859, 967723, 971468, 973354, 973507, 973540, 973815, 973869, 974145, 974318, 979687, 980232, 982214