Remote Code Execution Vulnerability in Telnet - MS09-042ID: oval:org.secpod.oval:def:2371 | Date: (C)2011-10-03 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS09-042. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Telnet service, which fails validate authentication replies and allows for the relay of credentials. Successful exploitation could allow an attacker to obtain credentials and then use them to log back into affected systems and it could also allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Telnet Service |