Detections
Analytics
MS12-032: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
medium Nessus Plugin ID 59040
Language:
Synopsis
The remote Windows host has multiple elevation of privilege vulnerabilities.Description
The remote Windows host is affected by multiple elevation of privilege vulnerabilities :- A flaw in the way outbound broadcast packets are handled could be utilized by an attacker to bypass the Windows Firewall defense-in-depth mechanism. (CVE-2012-0174)
- The TCP/IP stack is susceptible to an elevation of privilege vulnerability that is caused when the Windows TCP/IP stack fails to properly handle the binding of IPv6 addresses. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code with administrator privileges.
(CVE-2012-0179)
Solution
Microsoft has released a set of patches for Windows Vista, 2008, 7, and 2008 R2.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-032
Plugin Details
Severity: Medium
ID: 59040
File Name: smb_nt_ms12-032.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 5/9/2012
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: Medium
Base Score: 6.9
Temporal Score: 5.1
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 5/8/2012
Vulnerability Publication Date: 5/8/2012
Reference Information
CVE: CVE-2012-0174, CVE-2012-0179
MSFT: MS12-032
MSKB: 2688338