Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2008-12-10 |
Product | Search Server | Last view | 2008-12-10 |
Version | 2008 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:microsoft:search_server:2008:*:x32:*:*:*:*:* | 1 |
cpe:2.3:a:microsoft:search_server:2008:*:x64:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2008-12-10 | CVE-2008-4032 | Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-287 | Improper Authentication |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5774 | Access Control Vulnerability |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
50585 | Microsoft Office SharePoint Server Administrative URL Security Bypass |
OpenVAS Exploits
id | Description |
---|---|
2008-12-12 | Name : Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of ... File : nvt/secpod_ms08-077.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2008-B-0082 | Microsoft Office SharePoint Server and Microsoft Search Server Remote Privile... Severity: Category I - VMSKEY: V0017911 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Office SharePoint Server elevation of privilege exploit attempt RuleID : 15108 - Type : SERVER-WEBAPP - Revision : 13 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2008-12-10 | Name: A user can elevate his privileges through SharePoint. File: smb_nt_ms08-077.nasl - Type: ACT_GATHER_INFO |