Intel PXE Server Remote Overflow

critical Nessus Plugin ID 11612

Language:

Synopsis

Arbitrary code may be run on the remote server.

Description

The remote host is running PXE (Preboot eXecution Environment), a service which can be used to boot diskless clients.

There is a flaw in the remote PXE which may allow an attacker to gain a root shell on this host.

*** Nessus disabled this service to perform this security check

Solution

Upgrade or disable this service.

Plugin Details

Severity: Critical

ID: 11612

File Name: pxe_overflow.nasl

Version: 1.20

Type: remote

Published: 5/9/2003

Updated: 3/6/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 7129