Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Windows Client/Server Run |
Informations | |||
---|---|---|---|
Name | MS11-056 | First vendor Publication | 2011-07-12 |
Vendor | Microsoft | Last vendor Modification | 2011-07-21 |
Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Important |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-056 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
40 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12362 | |||
Oval ID: | oval:org.mitre.oval:def:12362 | ||
Title: | CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability | ||
Description: | The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1283 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12402 | |||
Oval ID: | oval:org.mitre.oval:def:12402 | ||
Title: | CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability | ||
Description: | The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL pointer in an unspecified function call, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1282 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12602 | |||
Oval ID: | oval:org.mitre.oval:def:12602 | ||
Title: | CSRSS Local EOP AllocConsole Vulnerability | ||
Description: | The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a process, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP AllocConsole Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1281 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12734 | |||
Oval ID: | oval:org.mitre.oval:def:12734 | ||
Title: | CSRSS Local EOP SrvWriteConsoleOutput Vulnerability | ||
Description: | Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutput Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1284 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12889 | |||
Oval ID: | oval:org.mitre.oval:def:12889 | ||
Title: | CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability | ||
Description: | Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1870 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-07-13 | Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938) File : nvt/secpod_ms11-056.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73796 | Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ... |
73795 | Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow |
73794 | Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow |
73793 | Microsoft Windows CSRSS SrvSetConsoleNumberOfCommand() Function Kernel Memory... |
73792 | Microsoft Windows CSRSS AllocConsole() Function Multiple Console Object Orpha... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft CSRSS integer overflow attempt RuleID : 19464 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows CSRSS double free attempt RuleID : 19463 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows CSRSS negative array index code execution attempt RuleID : 19462 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | Microsoft CSRSS NULL Fontface pointer attempt RuleID : 19461 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows CSRSS multiple consoles on a single process attempt RuleID : 19460 - Revision : 7 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-07-12 | Name : Users can elevate their privileges on the remote host. File : smb_nt_ms11-056.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:47:02 |
|
2014-01-19 21:30:42 |
|