Oval Definition:	oval:org.mitre.oval:def:27620
Revision Date: 2014-12-29 Version: 22 Title: TCP/IP Elevation of privilege vulnerability - CVE-2014-4076 (MS14-070) Description: Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-4076 Platform(s): Microsoft Windows Server 2003 Product(s): Definition Synopsis Windows 2003 Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 for Itanium is installed AND Check for file version Check if the version of Tcpip.sys is less than 5.2.3790.5440 OR Check if the the version of Tcpip6.sys is less than 5.2.3790.5440
BACK