MS16-081: Security Update for Active Directory (3160352)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

The remote Windows host is missing a security update. It is,
therefore, affected by a denial of service vulnerability in Active
Directory. An authenticated, remote attacker can exploit this, via the
creation of multiple machine accounts, to cause the Active Directory
service to stop responding.

Note that an attacker must have access to an account that has
privileges to join machines to the domain in order to exploit this
vulnerability.

See also :

https://technet.microsoft.com/library/security/ms16-081

Solution :

Microsoft has released a set of patches for Windows 2008 R2, 2012, and
2012 R2.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score : 3.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 91608 ()

Bugtraq ID: 91118

CVE ID: CVE-2016-3226

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now