OVAL Reference oval:org.cisecurity:def:881

Oval Definition:

oval:org.cisecurity:def:881

Revision Date:	2016-07-29	Version:	10
Title:	Windows SMB Server Elevation of Privilege Vulnerability - CVE-2016-3225 (MS16-075)
Description:	The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication request to an unintended service, aka "Windows SMB Server Elevation of Privilege Vulnerability."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2016-3225
Platform(s):	Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista	Product(s):
Definition Synopsis
Microsoft Windows Vista/Server 2008 is installed + file version Microsoft Windows Windows Vista/Server 2008 is installed Microsoft Windows Vista (32-bit) Service Pack 2 is installed OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Check for file version Check if srv.sys version is less than 6.0.6002.19659 OR Check for Limited Distribution Release (LDR) file version Check if srv.sys version is greater than or equal to 6.0.6002.23000 AND Check if srv.sys version is less than 6.0.6002.23974 OR Microsoft Windows 7/Server 2008 R2 is installed + file version Microsoft Windows 7/Server 2008 R2 is installed Microsoft Windows 7 (32-bit) Service Pack 1 is installed OR Microsoft Windows 7 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check if srv.sys version is less than 6.1.7601.23452 OR Microsoft Windows 8.1/Server 2012 R2 is installed + file version Microsoft Windows 8.1/Server 2012 R2 is installed Microsoft Windows 8.1 (x86) is installed OR Microsoft Windows 8.1 (x64) is installed OR Microsoft Windows Server 2012 R2 is installed AND Check if srv.sys version is less than 6.3.9600.18340 OR Microsoft Windows Server 2012 is installed + file version Microsoft Windows Server 2012 (64-bit) is installed AND Check if srv.sys version is less than 6.2.9200.21860 OR Microsoft Windows 10 is installed + file version Microsoft Windows 10 is installed Microsoft Windows 10 (32-bit) is installed OR Microsoft Windows 10 (64-bit) is installed AND Check if srv.sys version is less than 10.0.10240.16942 OR Microsoft Windows 10 Version 1511 is installed + file version Microsoft Windows 10 Version 1511 is installed Microsoft Windows 10 Version 1511 (32-bit) is installed OR Microsoft Windows 10 Version 1511 (64-bit) is installed AND Check if srv.sys version is less than 10.0.10586.420

BACK