Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2010-04-14 |
| Product | Windows Server 2008 | Last view | 2022-06-15 |
| Version | - | Type | Os |
| Update | sp2 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | x86 | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2008 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2022-06-15 | CVE-2022-30155 | Windows Kernel Denial of Service Vulnerability. |
| 8.8 | 2022-06-15 | CVE-2022-30153 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. |
| 7.5 | 2022-06-15 | CVE-2022-30152 | Windows Network Address Translation (NAT) Denial of Service Vulnerability. |
| 7 | 2022-06-15 | CVE-2022-30151 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. |
| 7.5 | 2022-06-15 | CVE-2022-30149 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161. |
| 7.5 | 2022-06-15 | CVE-2022-30146 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
| 7.5 | 2022-06-15 | CVE-2022-30143 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
| 8.1 | 2022-06-15 | CVE-2022-30141 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
| 7.5 | 2022-06-15 | CVE-2022-30140 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability. |
| 7.8 | 2022-02-09 | CVE-2022-22718 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22717. |
| 7 | 2022-02-09 | CVE-2022-22717 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22718. |
| 5.5 | 2022-02-09 | CVE-2022-22710 | Windows Common Log File System Driver Denial of Service Vulnerability. |
| 7.8 | 2022-02-09 | CVE-2022-22000 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21981. |
| 7.8 | 2022-02-09 | CVE-2022-21999 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-22717, CVE-2022-22718. |
| 5.5 | 2022-02-09 | CVE-2022-21998 | Windows Common Log File System Driver Information Disclosure Vulnerability. |
| 7.1 | 2022-02-09 | CVE-2022-21997 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21999, CVE-2022-22717, CVE-2022-22718. |
| 7.8 | 2022-02-09 | CVE-2022-21989 | Windows Kernel Elevation of Privilege Vulnerability. |
| 5.5 | 2022-02-09 | CVE-2022-21985 | Windows Remote Access Connection Manager Information Disclosure Vulnerability. |
| 7.8 | 2022-02-09 | CVE-2022-21981 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22000. |
| 5.3 | 2022-01-11 | CVE-2022-21925 | Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability. |
| 5.3 | 2022-01-11 | CVE-2022-21924 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability. |
| 8.8 | 2022-01-11 | CVE-2022-21922 | Remote Procedure Call Runtime Remote Code Execution Vulnerability. |
| 8.8 | 2022-01-11 | CVE-2022-21920 | Windows Kerberos Elevation of Privilege Vulnerability. |
| 7 | 2022-01-11 | CVE-2022-21919 | Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895. |
| 7.8 | 2022-01-11 | CVE-2022-21916 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 62% (22) | CWE-269 | Improper Privilege Management |
| 11% (4) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 8% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 2% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 2% (1) | CWE-346 | Origin Validation Error |
| 2% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 2% (1) | CWE-200 | Information Exposure |
| 2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 2% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 63739 | Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote In... |
| 63738 | Microsoft Windows SMTP / Exchange Server DNS Mail Exchanger (MX) Resource Rec... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-04-23 | Name : Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (... File : nvt/secpod_ms10-024.nasl |
| 2010-04-22 | Name : Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability File : nvt/gb_ms10_024.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0232 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0042582 |
| 2013-A-0187 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0040753 |
| 2013-A-0190 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0040763 |
| 2010-B-0029 | Multiple Vulnerabilities in Microsoft Exchange and Windows SMTP Service Severity: Category II - VMSKEY: V0023955 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-10-13 | Active Directory LDAP addRequest crafted dnsRecord information leak attempt RuleID : 55206 - Type : SERVER-OTHER - Revision : 1 |
| 2020-10-06 | Microsoft Windows Active Directory information disclosure attempt RuleID : 55140 - Type : SERVER-OTHER - Revision : 1 |
| 2020-10-06 | Microsoft Windows Active Directory information disclosure attempt RuleID : 55139 - Type : SERVER-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54533 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54532 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54531 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54530 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54529 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54528 - Type : FILE-OTHER - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53933 - Type : OS-WINDOWS - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53932 - Type : OS-WINDOWS - Revision : 1 |
| 2014-04-24 | ATMFD Adobe font driver reserved command denial of service attempt RuleID : 30241 - Type : FILE-OTHER - Revision : 2 |
| 2014-04-24 | ATMFD Adobe font driver reserved command denial of service attempt RuleID : 30240 - Type : FILE-OTHER - Revision : 2 |
| 2014-01-10 | ATMFD Adobe font driver reserved command denial of service attempt RuleID : 28203 - Type : FILE-OTHER - Revision : 4 |
| 2014-01-10 | ATMFD Adobe font driver reserved command denial of service attempt RuleID : 28202 - Type : FILE-OTHER - Revision : 3 |
| 2014-01-10 | Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service att... RuleID : 16534 - Type : SERVER-OTHER - Revision : 11 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote mail server may be affected by multiple vulnerabilities. File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO |
| 2013-10-09 | Name: The Windows kernel drivers on the remote host are affected by multiple vulner... File: smb_nt_ms13-081.nasl - Type: ACT_GATHER_INFO |
| 2013-10-09 | Name: The .NET Framework install on the remote Windows host could allow arbitrary c... File: smb_nt_ms13-082.nasl - Type: ACT_GATHER_INFO |
| 2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smb_nt_ms10-024.nasl - Type: ACT_GATHER_INFO |
| 2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smtp_kb981832.nasl - Type: ACT_GATHER_INFO |
