New Relic: stamp2-azure-ext.newrelic.com is vulnerable to MS12-020

2018-07-21T07:33:11
ID H1:384882
Type hackerone
Reporter scrszy
Modified 2018-07-24T23:09:29

Description

Hi security team member,

On stamp2-azure-ext.newrelic.com, there is running Windows Server 2008, which is vulnerable to MS12-020. {F322944}

Step to reproduce

To show exploit, the server will shut down. 1- Download the attached file with the name MS12-020.rb 2- Run the below command on terminal ruby MS12-020.rb stamp2-azure-ext.newrelic.com

The above command will shut down the server. So keep in mind before doing anything. Let me know if more information is needed to my end. Thanks

Impact

An attacker is able to shut down the server. Also he/she can get access of server after restart.