Synopsis
The remote Windows host is affected by multiple vulnerabilities.
Description
The remote Windows host is missing multiple security updates released on 2017/11/14. It is, therefore, affected by multiple vulnerabilities:
- An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. (CVE-2017-11880)
- An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2017-11832, CVE-2017-11835)
- An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2017-11847)
- An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. (CVE-2017-11831, CVE-2017-11849, CVE-2017-11853)
- A denial of service vulnerability exists when Windows Search improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. (CVE-2017-11788)
- A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. (CVE-2017-11851, CVE-2017-11852)
Solution
Apply the following security updates:
- 4046184
- 4047211
- 4048968
- 4048970
- 4049164
Plugin Details
File Name: smb_nt_ms17_nov_win2008.nasl
Agent: windows
Supported Sensors: Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows_server_2008
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: Exploits are available
Patch Publication Date: 11/14/2017
Vulnerability Publication Date: 11/14/2017
Reference Information
CVE: CVE-2017-11788, CVE-2017-11831, CVE-2017-11832, CVE-2017-11835, CVE-2017-11847, CVE-2017-11849, CVE-2017-11851, CVE-2017-11852, CVE-2017-11853, CVE-2017-11880
BID: 101711, 101721, 101726, 101729, 101736, 101739, 101755, 101762, 101763, 101764