Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2020 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS08-022.NASL
HistoryApr 08, 2008 - 12:00 a.m.

MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)

2008-04-0800:00:00
This script is Copyright (C) 2008-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

The remote host is running a version of Windows that contains a flaw in JScript.

An attacker may be able to execute arbitrary code on the remote host by constructing a malicious JScript and enticing a victim to visit a web site or view a specially crafted email message.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(31795);
 script_version("1.30");
 script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/05");

  script_cve_id("CVE-2008-0083");
 script_bugtraq_id(28551);
 script_xref(name:"MSFT", value:"MS08-022");
 script_xref(name:"MSKB", value:"944338");
 script_xref(name:"IAVB", value:"2008-B-0034-S");

 script_name(english:"MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)");
 script_summary(english:"Determines the presence of update 944338");

 script_set_attribute(attribute:"synopsis", value:
"Arbitrary code can be executed on the remote host through the web or
email client.");
 script_set_attribute(attribute:"description", value:
"The remote host is running a version of Windows that contains a flaw in
JScript.

An attacker may be able to execute arbitrary code on the remote host by
constructing a malicious JScript and enticing a victim to visit a web
site or view a specially crafted email message.");
  # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2008/ms08-022
  script_set_attribute(attribute:"see_also", value:"https://www.nessus.org/u?1185bb8b");
 script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Windows 2000, XP and
2003.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-0083");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"exploited_by_malware", value:"true");
 script_cwe_id(94);

 script_set_attribute(attribute:"vuln_publication_date", value:"2008/04/08");
 script_set_attribute(attribute:"patch_publication_date", value:"2008/04/08");
 script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/08");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
 script_set_attribute(attribute:"stig_severity", value:"II");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

  script_copyright(english:"This script is Copyright (C) 2008-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
 script_family(english:"Windows : Microsoft Bulletins");

 script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
 script_require_keys("SMB/MS_Bulletin_Checks/Possible");
 script_require_ports(139, 445, 'Host/patch_management_checks');
 exit(0);
}



include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS08-022';
kb = '944338';

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);

get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);

if (hotfix_check_sp_range(win2k:'4,5', xp:'2', win2003:'1,2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");

share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

if (
  hotfix_is_vulnerable(os:"5.2", sp:1, file:"Jscript.dll", version:"5.6.0.8835", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.2", sp:2, file:"Jscript.dll", version:"5.6.0.8835", dir:"\system32", bulletin:bulletin, kb:kb) ||

  hotfix_is_vulnerable(os:"5.1", sp:2, file:"Jscript.dll", version:"5.6.0.8835", dir:"\system32", bulletin:bulletin, kb:kb) ||

  hotfix_is_vulnerable(os:"5.0", file:"Jscript.dll", version:"5.6.0.8835", min_version:"5.6.0.0", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
  set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
  hotfix_security_warning();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

Related

securityvulns 2
prion 1
checkpoint_advisories 1
seebug 1
cve 1
securityvulns
securityvulns
Microsoft Windows VBScript / JScript buffer overflow
2008-04-08 00:00:00
Microsoft Security Bulletin MS08-022 – Critical Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution &#40;944338&#41;
2008-04-08 00:00:00
prion
prion
Code injection
2008-04-08 23:05:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Scripting Engines Script Encoding Code Execution (MS08-022; CVE-2008-0083)
2008-04-08 00:00:00
seebug
seebug
Microsoft VBScript和JScript脚本引擎远程溢出漏洞(MS08-022)
2008-04-11 00:00:00
cve
cve
CVE-2008-0083
2008-04-08 23:05:00
JSON
Related for SMB_NT_MS08-022.NASL
securityvulns2prion1checkpoint_advisories1seebug1cve1