ID de Prueba:	1.3.6.1.4.1.25623.1.0.902116
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
Resumen:	This host is missing a critical security update according to Microsoft; Bulletin MS10-011.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-011. Vulnerability Insight: The issue is caused by an error in the 'Client/Server Run-time Subsystem' (CSRSS) that does not properly terminate user processes when a user logs out. Vulnerability Impact: Successful exploitation could allow remote attackers to monitor all actions performed by other logged-in users or run arbitrary code in kernel mode. Affected Software/OS: - Microsoft Windows 2000 Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0023 Cert/CC Advisory: TA10-040A http://www.us-cert.gov/cas/techalerts/TA10-040A.html Microsoft Security Bulletin: MS10-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8304 http://secunia.com/advisories/38509
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.