Microsoft Windows Service Bus Denial of Service Vulnerability (2972621)

2014-07-0900:00:00

plugins.openvas.org

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.9%

JSON

This host is missing a moderate security update according to
Microsoft Bulletin MS14-042.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.804474");
  script_version("2023-07-27T05:05:08+0000");
  script_cve_id("CVE-2014-2814");
  script_tag(name:"cvss_base", value:"4.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
  script_tag(name:"last_modification", value:"2023-07-27 05:05:08 +0000 (Thu, 27 Jul 2023)");
  script_tag(name:"creation_date", value:"2014-07-09 15:14:23 +0530 (Wed, 09 Jul 2014)");
  script_tag(name:"solution_type", value:"VendorFix");
  script_name("Microsoft Windows Service Bus Denial of Service Vulnerability (2972621)");

  script_tag(name:"summary", value:"This host is missing a moderate security update according to
  Microsoft Bulletin MS14-042.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw is due to an unspecified error when handling Advanced Message
  Queuing Protocol (AMQP) messages and can be exploited to cause Microsoft
  Service Bus to stop responding to incoming messages by sending specially
  crafted AMQP messages.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to cause a Denial
  of Service.");

  script_tag(name:"affected", value:"- Microsoft Service Bus 1.1 on Microsoft Windows Server 2012/R2

  - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"qod_type", value:"executable_version");

  script_xref(name:"URL", value:"https://support.microsoft.com/kb/2972621");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/68393");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/security/bulletin/ms14-042");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("smb_reg_service_pack.nasl");
  script_mandatory_keys("SMB/WindowsVersion");
  script_require_ports(139, 445);
  exit(0);
}

include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if(hotfix_check_sp( win2008r2:2, win2012:1, win2012R2:1) <= 0){
  exit(0);
}

buskey = "SOFTWARE\Microsoft\Service Bus\1.1";

if(!registry_key_exists(key:buskey)){
  exit(0);
}

sysPath = registry_get_sz(key:buskey, item:"INSTALLDIR");
if("Service Bus" >!< sysPath){
  exit(0);
}

Win32sysVer = fetch_file_version(sysPath:sysPath, file_name:"Microsoft.ServiceBus.dll");
if(!Win32sysVer){
  exit(0);
}

if(version_is_less(version:Win32sysVer, test_version:"2.1.40512.2"))
{
  report = report_fixed_ver(installed_version:Win32sysVer, fixed_version:"2.1.40512.2", install_path:sysPath);
  security_message(port:0, data:report);
  exit(0);
}