Executive Summary

Summary
TitleSecurity Update for WebDAV to Address Elevation of Privilege (3136041)
Informations
NameMS16-016First vendor Publication2016-02-09
VendorMicrosoftLast vendor Modification2016-02-09
Severity (Vendor) N/ARevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning (WebDAV) client to improperly validate input.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS16-016

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2
Os1
Os1
Os1
Os2
Os2
Os1

Snort® IPS/IDS

DateDescription
2016-03-14Microsoft Windows WebDAV mini redirector driver privilege escalation attempt
RuleID : 37587 - Revision : 2 - Type : OS-WINDOWS
2016-03-14Microsoft Windows WebDAV mini redirector driver privilege escalation attempt
RuleID : 37586 - Revision : 2 - Type : OS-WINDOWS

Metasploit Database

idDescription
2016-02-09 MS16-016 mrxdav.sys WebDav Local Privilege Escalation

Nessus® Vulnerability Scanner

DateDescription
2016-02-09Name : The remote host is affected by an elevation of privilege vulnerability.
File : smb_nt_ms16-016.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
DateInformations
2016-02-19 21:28:50
  • Multiple Updates
2016-02-17 21:30:29
  • Multiple Updates
2016-02-12 21:26:52
  • Multiple Updates
2016-02-11 21:29:32
  • Multiple Updates
2016-02-10 17:29:11
  • Multiple Updates
2016-02-10 13:23:49
  • Multiple Updates
2016-02-09 21:30:20
  • Multiple Updates
2016-02-09 21:17:24
  • First insertion