Описание
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-2246
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-047
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6060
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://secunia.com/advisories/31411
- http://www.securityfocus.com/bid/30634
- http://www.securitytracker.com/id?1020678
- http://www.us-cert.gov/cas/techalerts/TA08-225A.html
- http://www.vupen.com/english/advisories/2008/2351
Связанные уязвимости
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.