Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2008-0074 | First vendor Publication | 2008-02-12 |
| Vendor | Cve | Last vendor Modification | 2021-02-05 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0074 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5389 | |||
| Oval ID: | oval:org.mitre.oval:def:5389 | ||
| Title: | Internet Information Services Local Privilege Elevation Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0074 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Information Server (IIS) 5.0 Microsoft Internet Information Server (IIS) 5.1 Microsoft Internet Information Server (IIS) 6.0 Microsoft Internet Information Server (IIS) 7.0 |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-01-13 | Name : Microsoft Internet Information Services Privilege Elevation Vulnerability (94... File : nvt/gb_ms08-005.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41456 | Microsoft IIS File Change Handling Local Privilege Escalation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-02-12 | Name : A local user can elevate his privileges on the remote host. File : smb_nt_ms08-005.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:08:00 |
|
| 2024-02-01 12:02:32 |
|
| 2023-09-05 12:07:28 |
|
| 2023-09-05 01:02:23 |
|
| 2023-09-02 12:07:34 |
|
| 2023-09-02 01:02:24 |
|
| 2023-08-12 12:08:53 |
|
| 2023-08-12 01:02:24 |
|
| 2023-08-11 12:07:37 |
|
| 2023-08-11 01:02:28 |
|
| 2023-08-06 12:07:17 |
|
| 2023-08-06 01:02:25 |
|
| 2023-08-04 12:07:23 |
|
| 2023-08-04 01:02:28 |
|
| 2023-07-14 12:07:21 |
|
| 2023-07-14 01:02:25 |
|
| 2023-03-29 01:08:19 |
|
| 2023-03-28 12:02:31 |
|
| 2022-10-11 12:06:31 |
|
| 2022-10-11 01:02:15 |
|
| 2021-05-04 12:06:56 |
|
| 2021-04-22 01:07:25 |
|
| 2021-02-06 09:22:44 |
|
| 2021-02-05 21:23:14 |
|
| 2020-11-24 00:22:46 |
|
| 2020-05-23 00:21:03 |
|
| 2019-07-06 00:19:18 |
|
| 2019-07-04 12:02:07 |
|
| 2018-10-31 00:19:51 |
|
| 2018-10-13 00:22:38 |
|
| 2017-09-29 09:23:21 |
|
| 2016-06-28 17:09:54 |
|
| 2016-04-26 16:59:06 |
|
| 2014-02-17 10:43:16 |
|
| 2013-05-11 00:05:59 |
|
