Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2246

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-2246
Last Modified 07 Mar 2011 10:08:53
Published 12 Aug 2008 08:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2246

Summary

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.

Vulnerable Systems

Operating System

  • Microsoft Windows Vista

  • Microsoft Windows-nt 2008

  • Microsoft Windows-nt Vista


References

CERT - TA08-225A

BID - 30634

MS - MS08-047

SECUNIA - 31411

VUPEN - ADV-2008-2351

SECTRACK - 1020678

HP - SSRT080117

HP - HPSBST02360


Last Updated: 27 May 2016 10:47:28