概要
リモートの Windows ホストは、複数の脆弱性の影響を受けます。
説明
リモートのWindowsホストでMicrosoft Server Message Block 1.0(SMBv1)が有効になっています。したがって、以下の複数の脆弱性による影響を受けます。
- Multiple information disclosure vulnerabilities exist in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of SMBv1 packets. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted SMBv1 packet, to disclose sensitive information. (CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, CVE-2017-0276)
- Multiple denial of service vulnerabilities exist in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of requests. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted SMB request, to cause the system to stop responding. (CVE-2017-0269, CVE-2017-0273, CVE-2017-0280)
- Multiple remote code execution vulnerabilities exist in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of SMBv1 packets. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted SMBv1 packet, to execute arbitrary code. (CVE-2017-0272, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279)
Depending on the host's security policy configuration, this plugin cannot always correctly determine if the Windows host is vulnerable if the host is running a later Windows version (i.e., Windows 8.1, 10, 2012, 2012 R2, and 2016) specifically that named pipes and shares are allowed to be accessed remotely and anonymously. Tenable does not recommend this configuration, and the hosts should be checked locally for patches with one of the following plugins, depending on the Windows version : 100054, 100055, 100057, 100059, 100060, or 100061.
ソリューション
Apply the applicable security update for your Windows version :
- Windows Server 2008 : KB4018466
- Windows 7 : KB4019264
- Windows Server 2008 R2 : KB4019264
- Windows Server 2012 : KB4019216
- Windows 8.1 / RT 8.1. : KB4019215
- Windows Server 2012 R2 : KB4019215
- Windows 10 : KB4019474
- Windows 10 Version 1511 : KB4019473
- Windows 10 Version 1607 : KB4019472
- Windows 10 Version 1703 : KB4016871
- Windows Server 2016 : KB4019472
プラグインの詳細
ファイル名: ms17_may_smbv1.nasl
エージェント: windows
サポートされているセンサー: Nessus
リスク情報
ベクトル: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
ベクトル: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C
脆弱性情報
CPE: cpe:/o:microsoft:windows
必要な KB アイテム: Host/OS, SMB/SMBv1_is_supported
エクスプロイトの容易さ: No known exploits are available
参照情報
CVE: CVE-2017-0267, CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273, CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279, CVE-2017-0280
BID: 98259, 98260, 98261, 98263, 98264, 98265, 98266, 98267, 98268, 98270, 98271, 98272, 98273, 98274
MSKB: 4016871, 4018466, 4019213, 4019214, 4019215, 4019216, 4019263, 4019264, 4019472, 4019473, 4019474