qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/CVE-2019-0708-BlueKeep-Micr...

47 lines
2.6 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE",
"Description": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.",
"Product": "rdp",
"Homepage": "http://www.ntfa.cn/product-70-cn.html",
"DisclosureDate": "2019-05-14",
"Author": "LubyRuffy",
"FofaQuery": "protocol=\"rdp\"",
"GobyQuery": "",
"Level": "3",
"Impact": "An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system",
"Recommendation": "Download patch from: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
"References": [
"https://github.com/zerosum0x0/CVE-2019-0708/",
"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
"https://nvd.nist.gov/vuln/detail/CVE-2019-0708",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0708"
],
"HasExp": false,
"ExpParams": null,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"Tags": [
"rce"
],
"AttackSurfaces": {
"Service": ["rdp"]
},
"CVEIDs": [
"CVE-2019-0708"
],
"CVSSScore": "9.8"
}
Reference in New Issue View Git Blame Copy Permalink