Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS17_JUN_OFFICE_SHAREPOINT.NASL
HistoryJun 14, 2017 - 12:00 a.m.

Security Update for Microsoft SharePoint Server (June 2017)

2017-06-1400:00:00
This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
235

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.202 Low

EPSS

Percentile

96.4%

JSON

The Microsoft SharePoint Server installed on the remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities :

  • Multiple remote code execution vulnerabilities exist in Microsoft Office due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit these, by convincing a user to open a specially crafted document, to execute arbitrary code in the context of the current user. (CVE-2017-8509, CVE-2017-8511, CVE-2017-8512)

  • A remote code execution vulnerability exists in Microsoft PowerPoint due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted file, to execute arbitrary code in the context of the current user. (CVE-2017-8513)

  • A reflective cross-site scripting (XSS) vulnerability exists in Microsoft SharePoint Server due improper validation of user-supplied input in web requests. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2017-8514)

  • An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. (CVE-2017-8551)

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(100787);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/14");

  script_cve_id(
    "CVE-2017-8509",
    "CVE-2017-8511",
    "CVE-2017-8512",
    "CVE-2017-8513",
    "CVE-2017-8514",
    "CVE-2017-8551"
  );
  script_bugtraq_id(
    98812,
    98815,
    98816,
    98830,
    98831,
    98913
  );
  script_xref(name:"MSKB", value:"3127894");
  script_xref(name:"MSKB", value:"3172445");
  script_xref(name:"MSKB", value:"3203384");
  script_xref(name:"MSKB", value:"3203385");
  script_xref(name:"MSKB", value:"3203387");
  script_xref(name:"MSKB", value:"3203388");
  script_xref(name:"MSKB", value:"3203390");
  script_xref(name:"MSKB", value:"3203397");
  script_xref(name:"MSKB", value:"3203398");
  script_xref(name:"MSKB", value:"3203399");
  script_xref(name:"MSKB", value:"3203430");
  script_xref(name:"MSKB", value:"3203431");
  script_xref(name:"MSKB", value:"3203432");
  script_xref(name:"MSKB", value:"3203458");
  script_xref(name:"MSFT", value:"MS17-3127894");
  script_xref(name:"MSFT", value:"MS17-3172445");
  script_xref(name:"MSFT", value:"MS17-3203384");
  script_xref(name:"MSFT", value:"MS17-3203385");
  script_xref(name:"MSFT", value:"MS17-3203387");
  script_xref(name:"MSFT", value:"MS17-3203388");
  script_xref(name:"MSFT", value:"MS17-3203390");
  script_xref(name:"MSFT", value:"MS17-3203397");
  script_xref(name:"MSFT", value:"MS17-3203398");
  script_xref(name:"MSFT", value:"MS17-3203399");
  script_xref(name:"MSFT", value:"MS17-3203430");
  script_xref(name:"MSFT", value:"MS17-3203431");
  script_xref(name:"MSFT", value:"MS17-3203432");
  script_xref(name:"MSFT", value:"MS17-3203458");
  script_xref(name:"IAVA", value:"2017-A-0179-S");

  script_name(english:"Security Update for Microsoft SharePoint Server (June 2017)");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The Microsoft SharePoint Server installed on the remote Windows host
is missing a security update. It is, therefore, affected by multiple
vulnerabilities :

  - Multiple remote code execution vulnerabilities exist in
    Microsoft Office due to improper handling of objects in
    memory. An unauthenticated, remote attacker can exploit
    these, by convincing a user to open a specially crafted
    document, to execute arbitrary code in the context of
    the current user. (CVE-2017-8509, CVE-2017-8511,
    CVE-2017-8512)

  - A remote code execution vulnerability exists in
    Microsoft PowerPoint due to improper handling of objects
    in memory. An unauthenticated, remote attacker can
    exploit this, by convincing a user to open a specially
    crafted file, to execute arbitrary code in the context
    of the current user. (CVE-2017-8513)

  - A reflective cross-site scripting (XSS) vulnerability
    exists in Microsoft SharePoint Server due improper
    validation of user-supplied input in web requests. An
    unauthenticated, remote attacker can exploit this, via a
    specially crafted request, to execute arbitrary script
    code in a user's browser session. (CVE-2017-8514)

  - An elevation of privilege vulnerability exists when
    Microsoft SharePoint Server does not properly sanitize 
    a specially crafted web request to an affected
    SharePoint server. An authenticated attacker could
    exploit the vulnerability by sending a specially crafted
    request to an affected SharePoint server. (CVE-2017-8551)");
  script_set_attribute(attribute:"see_also", value:"https://portal.msrc.microsoft.com/en-us/security-guidance/summary");
  script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for SharePoint Server 2007;
SharePoint Server 2010; SharePoint Enterprise Server 2013 and 2016;
SharePoint Foundation 2013; Word Automation Services on Microsoft
SharePoint Server 2010; and Microsoft Office Project Server 2013.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-8513");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/06/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/06/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:office");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:sharepoint_server");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:sharepoint_foundation");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("microsoft_sharepoint_installed.nbin", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl", "microsoft_office_compatibility_pack_installed.nbin", "microsoft_project_installed.nbin");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include('vcf_extras_microsoft.inc');

var app_info = vcf::microsoft::sharepoint::get_app_info();
var kb_checks = 
[
  {
    'product'      : '2016',
    'kb'           : '3203432',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '16.0.0.0',
    'version'      : '16.0.4549.1000',
    'edition'      : 'Server',
    'file'         : 'sword.dll',
    'product_name' : 'SharePoint Enterprise Server 2016'
  },
  {
    'product'      : '2013',
    'kb'           : '3203399',
    'path'         :  app_info.path,
    'append'       : "Bin",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'schedengine.exe',
    'product_name' : 'Microsoft Project Server 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203390',
    'path'         :  app_info.path,
    'append'       : "Bin",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4929.1000',
    'edition'      : 'Server',
    'file'         : 'xlsrv.dll',
    'product_name' : 'Office SharePoint Server 2013 Excel Services SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203431',
    'path'         :  app_info.path,
    'append'       : "Bin",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'mssmsg.dll',
    'product_name' : 'SharePoint Foundation 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203384',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'sword.dll',
    'product_name' : 'Office SharePoint Server 2013 Word Automation Services SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203397',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'oartserver.dll',
    'product_name' : 'SharePoint Enterprise Server 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203387',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'msoserver.dll',
    'product_name' : 'SharePoint Enterprise Server 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203388',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Server',
    'file'         : 'htmlutil.dll',
    'product_name' : 'SharePoint Enterprise Server 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3172445',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4741.1000',
    'edition'      : 'Server',
    'file'         : 'ppintl.dll',
    'product_name' : 'SharePoint Enterprise Server 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203398',
    'path'         :  app_info.path,
    'append'       : "BIN",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Foundation',
    'file'         : 'onetutil.dll',
    'product_name' : 'Office Sharepoint Foundation 2013 SP1'
  },
  {
    'product'      : '2013',
    'kb'           : '3203385',
    'path'         :  app_info.path,
    'append'       : "WebServices\ConversionServices",
    'min_version'  : '15.0.0.0',
    'version'      : '15.0.4937.1000',
    'edition'      : 'Foundation',
    'file'         : 'msoserver.dll',
    'product_name' : 'Office Sharepoint Foundation 2013 SP1'
  },
  {
    'product'      : '2010',
    'kb'           : '3203458',
    'path'         :  app_info.path,
    'append'       : "WebServices\WordServer\Core",
    'min_version'  : '14.0.0.0',
    'version'      : '14.0.7182.5000',
    'edition'      : 'Server',
    'file'         : 'sword.dll',
    'product_name' : 'Office SharePoint Server 2010 Word Automation Services SP2'
  },
  {
    'product'      : '2007',
    'kb'           : '3127894',
    'path'         :  app_info.path,
    'min_version'  : '12.0.0.0',
    'version'      : '12.0.6770.5000',
    'edition'      : 'Server',
    'file'         : 'ppcnv.dll',
    'product_name' : 'PowerPoint Compatability Pack SP3'
  }
];
vcf::microsoft::sharepoint::check_version_and_report
(
  app_info:app_info, 
  bulletin:'MS17-06',
  constraints:kb_checks, 
  severity:SECURITY_HOLE
);
VendorProductVersionCPE
microsoftofficecpe:/a:microsoft:office
microsoftsharepoint_servercpe:/a:microsoft:sharepoint_server
microsoftsharepoint_foundationcpe:/a:microsoft:sharepoint_foundation

Related

openvas 27
mskb 33
nessus 3
seebug 1
kaspersky 2
cve 9
prion 9
nvd 9
cvelist 9
symantec 6
mscve 6
checkpoint_advisories 1
talosblog 1
trendmicroblog 1
openvas
openvas
Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB3203432)
2017-06-14 00:00:00
Microsoft SharePoint Enterprise Server 2013 Unspecified Vulnerability (KB3203387)
2017-06-15 00:00:00
Microsoft Office Multiple Vulnerabilities (KB3191944)
2017-06-14 00:00:00
mskb
mskb
Description of the security update for SharePoint Server 2016: June 13, 2017
2017-06-13 07:00:00
Description of the security update for SharePoint Server 2010 Office Web Apps: June 13, 2017
2017-06-13 07:00:00
Description of the security update for Word Automation Services on SharePoint Server 2013: June 13, 2017
2017-06-13 07:00:00
nessus
nessus
Security Update for Microsoft Office Web Apps Server / Office Online Server (June 2017)
2017-06-14 00:00:00
Security Update for Microsoft Office (June 2017) (macOS)
2017-06-13 00:00:00
Security Update for Microsoft Office Products (June 2017)
2017-06-14 00:00:00
seebug
seebug
A Look at --- SharePoint's Follow Feature XSS(CVE-2017-8514 )
2017-06-14 00:00:00
kaspersky
kaspersky
KLA11053 XSS vulnerabilities in Microsoft Sharepoint
2017-06-13 00:00:00
KLA11049 Multiple vulnerabilities in Microsoft Office
2017-06-13 00:00:00
cve
cve
CVE-2017-8509
2017-06-15 01:29:03
CVE-2017-0260
2017-06-15 01:29:01
CVE-2017-8506
2017-06-15 01:29:03
prion
prion
Remote code execution
2017-06-15 01:29:00
Remote code execution
2017-06-15 01:29:00
Remote code execution
2017-06-15 01:29:00
nvd
nvd
CVE-2017-0260
2017-06-15 01:29:01
CVE-2017-8510
2017-06-15 01:29:03
CVE-2017-8509
2017-06-15 01:29:03
cvelist
cvelist
CVE-2017-8510
2017-06-15 01:00:00
CVE-2017-8511
2017-06-15 01:00:00
CVE-2017-8512
2017-06-15 01:00:00
symantec
symantec
Microsoft SharePoint CVE-2017-8514 Cross Site Scripting Vulnerability
2017-06-13 00:00:00
Microsoft Office CVE-2017-8512 Remote Code Execution Vulnerability
2017-06-13 00:00:00
Microsoft Office CVE-2017-8511 Remote Code Execution Vulnerability
2017-06-13 00:00:00
mscve
mscve
Microsoft Office Remote Code Execution Vulnerability
2017-06-13 07:00:00
Microsoft Office Remote Code Execution Vulnerability
2017-06-13 07:00:00
Microsoft Office Remote Code Execution Vulnerability
2017-06-13 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Remote Code Execution (CVE-2017-8509)
2017-06-13 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - June 2017
2017-06-13 13:48:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017
2017-06-16 12:00:40

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.202 Low

EPSS

Percentile

96.4%

JSON
Related for SMB_NT_MS17_JUN_OFFICE_SHAREPOINT.NASL
openvas27mskb33nessus3seebug1kaspersky2cve9prion9nvd9cvelist9symantec6mscve6checkpoint_advisories1talosblog1trendmicroblog1