ID de Prueba:	1.3.6.1.4.1.25623.1.0.112140
Categoría:	Windows
Título:	Microsoft Windows Rogue Root Certificate Authorities Detection
Resumen:	One or more dangerous self-signed certificates are present on the host machine.
Descripción:	Summary: One or more dangerous self-signed certificates are present on the host machine. Vulnerability Impact: Successful exploitation might allow attackers to use Man in the Middle attacks against the target and its users to show them manipulated HTTPS webpages or read their encrypted data. Solution: Ensure that the affected certificates are not being trusted anymore. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2077 BugTraq ID: 72693 http://www.securityfocus.com/bid/72693 Cert/CC Advisory: TA15-051A http://www.us-cert.gov/cas/techalerts/TA15-051A.html CERT/CC vulnerability note: VU#529496 http://www.kb.cert.org/vuls/id/529496 http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VOq6Yfn8Fp4 http://blog.erratasec.com/2015/02/some-notes-on-superfish.html#.VOq6Yvn8Fp4 http://marcrogers.org/2015/02/19/lenovo-installs-adware-on-customer-laptops-and-compromises-all-ssl/ http://www.theguardian.com/technology/2015/feb/19/lenovo-accused-compromising-user-security-installing-adware-pcs-superfish http://www.wired.com/2015/02/lenovo-superfish/ https://blog.filippo.io/komodia-superfish-ssl-validation-is-broken/ https://www.facebook.com/notes/protect-the-graph/windows-ssl-interception-gone-wild/1570074729899339 http://www.securitytracker.com/id/1031779 Common Vulnerability Exposure (CVE) ID: CVE-2015-2078
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.