Detections
Analytics
MS10-009: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
critical Nessus Plugin ID 44419
Language:
Synopsis
The remote host has multiple vulnerabilities in its TCP/IP implementation.Description
The remote Windows host has the following vulnerabilities in its TCP/IP implementation :- Hosts with IPv6 enabled perform insufficient bounds checking when processing specially crafted ICMPv6 Router Advertisement packets. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0239)
- Specially crafted Encapsulating Security Payloads (ESP) are not processed properly. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0240)
- Hosts with IPv6 enabled perform insufficient bounds checking when processing specially crafted ICMPv6 Route Information packets. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0241)
- Specially crafted TCP packets with a malformed selective acknowledgment (SACK) value can cause the system to stop responding and automatically restart. A remote attacker could exploit this to cause a denial of service. (CVE-2009-0242)
Solution
Microsoft has released a set of patches for Windows Vista and 2008.See Also
Plugin Details
Severity: Critical
ID: 44419
File Name: smb_nt_ms10-009.nasl
Version: 1.26
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 2/9/2010
Updated: 8/5/2020
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/9/2010
Vulnerability Publication Date: 2/9/2010
Exploitable With
Core Impact
Reference Information
CVE: CVE-2010-0239, CVE-2010-0240, CVE-2010-0241, CVE-2010-0242