MS16-076: Security Update for Netlogon (3167691)
high Nessus Plugin ID 91604
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote Windows host is affected by a remote code execution vulnerability.Description
The remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to improper handling of objects in memory. A domain-authenticated attacker can exploit this, via a specially crafted Netlogon request to a domain controller, to execute arbitrary code.Solution
Microsoft has released a set of patches for Windows 2008, 2008 R2, 2012, and 2012 R2.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-076
Plugin Details
Severity: High
ID: 91604
File Name: smb_nt_ms16-076.nasl
Version: 1.9
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 6/14/2016
Updated: 11/19/2019
Dependencies: smb_hotfixes.nasl, ms_bulletin_checks_possible.nasl
Risk Information
CVSS Score Source: CVE-2016-3228
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Temporal Vector: E:U/RL:OF/RC:C
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 6/14/2016
Vulnerability Publication Date: 6/14/2016
Reference Information
CVE: CVE-2016-3228
BID: 91120