The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities :

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

Detections

Analytics

Security Updates for Windows Server 2008 (July 2018)

high Nessus Plugin ID 111007

Version 1.9

Version 1.8

Version 1.9 Sep 5, 2024, 8:16 AM CVSS metrics ("CVSSv3 score" set to 7.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") CVSSv3 score source (set to "CVE-2018-8282") CVSSv3 severity (based on CVE-2018-8282, severity increased from "Medium" to "High") Exploit attributes ("Exploit available" set to "False") Plugin Feed: 202409050816
Version 1.8 Jun 17, 2024, 3:35 PM Plugin metadata (add more granular CPEs to Windows OS plugins) Plugin Feed: 202406171535