I use domain admin credentials when I scan and I have verified that the registry entry \HKLM\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB948590 is there and the version of GDI32.dll is 5.2.3790.4237 but I keep getting the following error in my report.
Vulnerabilities in GDI Could Allow Remote Code Execution (948590) Synopsis : Arbitrary code can be executed on the remote host by sending a malformed file to a victim. Description : The remote host contains a version of Microsoft Windows is missing a critical security update which fixes several vulnerabilities in the Graphic Rendering Engine, and in the way Windows handles Metafiles. An attacker may exploit these flaws to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to send a specially crafted image to a user on the remote host, or lure him into visiting a rogue website containing such a file. Solution : Microsoft has released a set of patches for Windows 2000, XP, 2003 and Vista : http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx Risk factor : High / CVSS Base Score : 9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE : CVE-2008-1083, CVE-2008-1087 BID : 28570, 28571 Other references : OSVDB:44213, OSVDB:44214, OSVDB:44215 Nessus ID : 31794
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader of this message is not the intended recipient, you are hereby notified that your access is unauthorized, and any review, dissemination, distribution or copying of this message including any attachments is strictly prohibited. If you are not the intended recipient, please contact the sender and delete the material from any computer.
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
