Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
TitleVulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)
Informations
NameMS12-054First vendor Publication2012-08-14
VendorMicrosoftLast vendor Modification2013-07-09
Severity (Vendor) CriticalRevision2.2

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2705219 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

Summary: This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted response to a Windows print spooler request.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms12-054

CWE : Common Weakness Enumeration

%idName
50 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %CWE-134Uncontrolled Format String (CWE/SANS Top 25)
25 %CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15669
 
Oval ID: oval:org.mitre.oval:def:15669
Title: Remote Administration Protocol Denial of Service Vulnerability - MS12-054
Description: The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote attackers to cause a denial of service (service hang) via crafted RAP packets, aka "Remote Administration Protocol Denial of Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1850
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15531
 
Oval ID: oval:org.mitre.oval:def:15531
Title: Print Spooler Service Format String Vulnerability - MS12-054
Description: Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spooler Service Format String Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1851
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15079
 
Oval ID: oval:org.mitre.oval:def:15079
Title: Remote Administration Protocol Heap Overflow Vulnerability - MS12-054
Description: Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1852
Version: 3
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15408
 
Oval ID: oval:org.mitre.oval:def:15408
Title: Remote Administration Protocol Stack Overflow Vulnerability - MS12-054
Description: Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1853
Version: 3
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os4
Os1
Os7
Os2
Os2

OpenVAS Exploits

DateDescription
2012-08-15Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms12-054.nasl

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-08-16IAVM : 2012-A-0137 - Multiple Vulnerabilities in Microsoft Windows Networking Components
Severity : Category I - VMSKEY : V0033657

Snort® IPS/IDS

DateDescription
2014-03-06Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment b...
RuleID : 29513 - Revision : 4 - Type : OS-WINDOWS
2014-01-10Microsoft Windows SMB RAP API NetServerEnum2 long comment buffer overflow att...
RuleID : 24336 - Revision : 12 - Type : OS-WINDOWS
2014-01-10Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow...
RuleID : 24007 - Revision : 15 - Type : OS-WINDOWS
2014-01-10MS-RAP NetServerEnum2 read access violation attempt
RuleID : 23847 - Revision : 3 - Type : NETBIOS
2014-01-10Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow...
RuleID : 23839 - Revision : 18 - Type : OS-WINDOWS
2014-01-10Microsoft Windows SMB NetServerEnum response host format string exploit attempt
RuleID : 23838 - Revision : 11 - Type : OS-WINDOWS
2014-01-10Microsoft Windows SMB host announcement format string exploit attempt
RuleID : 23837 - Revision : 7 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2012-08-15Name : The remote Windows host is potentially affected by multiple code execution vu...
File : smb_nt_ms12-054.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2016-07-22 12:05:39
  • Multiple Updates
2014-03-06 21:20:52
  • Multiple Updates
2014-02-17 11:47:24
  • Multiple Updates
2014-01-19 21:30:52
  • Multiple Updates
2013-11-11 12:41:30
  • Multiple Updates
2013-07-09 21:16:48
  • Multiple Updates