CVE-2014-6321

Опубликовано: 11 нояб. 2014

Источник: nvd

CVSS2: 10

EPSS Критический

Описание

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."

Ссылки

http://blog.beyondtrust.com/triggering-ms14-066
Exploit
Third Party Advisory
http://marc.info/?l=bugtraq&m=142384364031268&w=2
Exploit
Mailing List
Third Party Advisory
http://secunia.com/advisories/59800
Third Party Advisory
http://www.kb.cert.org/vuls/id/505120
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/70954
Third Party Advisory
VDB Entry
http://www.securitysift.com/exploiting-ms14-066-cve-2014-6321-aka-winshock/
Exploit
Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-318A
Third Party Advisory
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-066
Patch
Vendor Advisory
http://blog.beyondtrust.com/triggering-ms14-066
Exploit
Third Party Advisory
http://marc.info/?l=bugtraq&m=142384364031268&w=2
Exploit
Mailing List
Third Party Advisory
http://secunia.com/advisories/59800
Third Party Advisory
http://www.kb.cert.org/vuls/id/505120
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/70954
Third Party Advisory
VDB Entry
http://www.securitysift.com/exploiting-ms14-066-cve-2014-6321-aka-winshock/
Exploit
Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-318A
Third Party Advisory
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-066
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.9327

Критический

10 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-fv59-6vgm-w859

github

больше 3 лет назад