Test ID:	1.3.6.1.4.1.25623.1.0.902580
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Host Integration Server Denial of Service Vulnerabilities (2607670)
Summary:	This host is missing an important security update according to; Microsoft Bulletin MS11-082.
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS11-082. Vulnerability Insight: Multiple flaws are due to input validation errors when processing certain requests can be exploited to trigger an infinite loop, corrupt memory and cause the snabase.exe, snaserver.exe, snalink.exe, or mngagent.exe process to stop responding via specially crafted requests sent to UDP port 1478 or TCP ports 1477 and 1478. Vulnerability Impact: Successful exploitation could allow remote attackers to cause the application to become unresponsive or to crash, denying service to legitimate users. Affected Software/OS: - Microsoft Host Integration for Microsoft Windows Server 2009/2010 - Microsoft Host Integration for Microsoft Windows Server 2006 SP1 and prior - Microsoft Host Integration for Microsoft Windows Server 2004 SP1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2007 Microsoft Security Bulletin: MS11-082 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13040 Common Vulnerability Exposure (CVE) ID: CVE-2011-2008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12915
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.