Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)

Critical Nessus Plugin ID 108811

Synopsis

The remote host may allow remote code execution.

Description

According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution.

Solution

Ensure the appropriate patches have been applied.

Plugin Details

Severity: Critical

ID: 108811

File Name: win_server_2008_ntlm_pci.nasl

Version: 1.7

Type: remote

Agent: windows

Family: Windows

Published: 2018/04/03

Updated: 2019/02/26

Dependencies: 108659

Configuration: Enable paranoid mode

Risk Information

Risk Factor: Critical

CVSS Score Source: CVE-2008-4038

CVSS v2.0

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:ND/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:X/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport, Settings/PCI_DSS

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (MS08-067 Microsoft Server Service Relative Path Stack Corruption)

Reference Information

CVE: CVE-2008-0015, CVE-2008-0020, CVE-2008-4038, CVE-2008-4114, CVE-2008-4250, CVE-2008-4609, CVE-2008-4835, CVE-2009-0086, CVE-2009-0089, CVE-2009-0550, CVE-2009-1925, CVE-2009-1926, CVE-2009-1930, CVE-2009-0901, CVE-2009-2493, CVE-2009-2494, CVE-2009-2505, CVE-2009-3676, CVE-2009-3677, CVE-2009-3678, CVE-2010-0020, CVE-2010-0021, CVE-2010-0022, CVE-2010-0231, CVE-2010-0239, CVE-2010-0240, CVE-2010-0241, CVE-2010-0242, CVE-2010-0269, CVE-2010-0270, CVE-2010-0476, CVE-2010-0477, CVE-2010-1263, CVE-2010-2550, CVE-2010-2551, CVE-2010-2552

BID: 31647, 31874, 31179, 33121, 33122, 34435, 34437, 34439, 31545, 35558, 35585, 35828, 35832, 35982, 35993, 36265, 36269, 36989, 37197, 37198, 38049, 38051, 38054, 38061, 38062, 38063, 38064, 38085, 39312, 39336, 39339, 39340, 40237, 40574, 42224, 42263, 42267

CERT: 827267, 180513, 456745

IAVA: 2008-A-0081, 2009-A-0077, 2009-A-0126, 2010-A-0030

IAVB: 2009-B-0037

EDB-ID: 6463, 6824, 7104, 7132, 9108, 16615, 14607

MSFT: MS08-063, MS08-067, MS09-001, MS09-013, MS09-037, MS09-042, MS09-048, MS09-071, MS10-009, MS10-012, MS10-020, MS10-043, MS10-054, MS10-083

MSKB: 957095, 958644, 958687, 960803, 967723, 960859, 973354, 973507, 973540, 973815, 973869, 974318, 971468, 974145, 980232, 979687, 982214, 2032276

CWE: 16, 20, 94, 119, 189, 255, 264, 287, 310, 362, 399