Microsoft VPN ActiveX Control Remote Code Execution Vulnerability (2695962)

2012-05-1000:00:00

plugins.openvas.org

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

JSON

Cisco Adaptive Security Appliance is prone to ActiveX control remote code execution vulnerability.

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.802774");
  script_version("2023-07-25T05:05:58+0000");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
  script_tag(name:"creation_date", value:"2012-05-10 11:55:58 +0530 (Thu, 10 May 2012)");
  script_name("Microsoft VPN ActiveX Control Remote Code Execution Vulnerability (2695962)");
  script_xref(name:"URL", value:"http://support.microsoft.com/kb/2695962");
  script_xref(name:"URL", value:"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2012/2695962");
  script_xref(name:"URL", value:"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient");
  script_cve_id("CVE-2012-0358");
  script_tag(name:"qod_type", value:"registry");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("General");
  script_dependencies("smb_reg_service_pack.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("SMB/WindowsVersion");

  script_tag(name:"impact", value:"Successful exploitation will let the attacker execute arbitrary codes on the
  affected machine.");

  script_tag(name:"affected", value:"- Microsoft Windows 7 Service Pack 1 and prior

  - Microsoft Windows XP Service Pack 3 and prior

  - Microsoft Windows 2003 Service Pack 2 and prior

  - Microsoft Windows Vista Service Pack 2 and prior

  - Microsoft Windows Server 2008 Service Pack 2 and prior

  - Microsoft Windows XP Service Pack 2 and prior for x64-based Systems

  - Microsoft Windows Server 2008 R2 Service Pack 1 and prior for x64-based Systems");

  script_tag(name:"insight", value:"The flaw is due to Cisco Adaptive Security Appliances (Cisco ASA),
  uses an ActiveX control on client systems to perform port forwarding
  operations. Microsoft ActiveX technology may be affected if the system has
  ever connected to a device that is running the Cisco Clientless VPN solution.");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"summary", value:"Cisco Adaptive Security Appliance is prone to ActiveX control remote code execution vulnerability.");

  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("smb_nt.inc");
include("secpod_activex.inc");

if(!get_kb_item("SMB/WindowsVersion")){
  exit(0);
}

if(is_killbit_set(clsid:"{B8E73359-3422-4384-8D27-4EA1B4C01232}") == 0){
  security_message( port: 0, data: "The target host was found to be vulnerable" );
}