JVN Info.
- Id
- 8672
- Name
- JVNDB-2015-003992
- Title
- 複数の GE Healthcare Millennium 製品における脆弱性
- Summary
- GE Healthcare Millennium MG、NC、および MyoSIGHT は、以下のデフォルトのパスワードを使用するため、不特定の影響および攻撃を受ける脆弱性が存在します。
- Nvdinfo
- CVE-2002-2445
- Cvssv2
- 10
- Jvnurl
- http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003992.html
- Published Date
- 2015-07-10
- Registered Date
- 2015-08-06
- Last Updated Date
- 2015-08-06
Related Nessuslogs
| Id | Log ID | Jvninfo Id | Plugin ID | CVE | CVSS | Risk | Host | Protocol | Port | Name | Synopsis | Description | Solution | See Also | Plugin Output | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51592 | H28_MUN_DWEB_Q4_172_16_240_seg.csv | 8672 | 89676 | CVE-2011-1785 | 7.8 | High | 172.16.240.115 | tcp | 443 | VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0007) (remote check) | The remote VMware ESX / ESXi host is missing a security-related patch. | The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - Multiple forgery vulnerabilities exist in the bundled version of MIT Kerberos 5 (krb5). An attacker can exploit these issues to impersonate a client, escalate privileges, and disclose sensitive information. (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4021) - A local arbitrary code execution vulnerability exists in the Kernel in the do_anonymous_page() function due to improper separation of the stack and the heap. A local attacker can exploit this vulnerability to execute arbitrary code. (CVE-2010-2240) - A denial of service vulnerability exists that allows a remote attacker to exhaust available sockets, preventing further connections. (CVE-2011-1785) - A denial of service vulnerability exists in the bundled version of lsassd in Likewise Open. A remote attacker can exploit this, via an Active Directory login attempt that provides a username containing an invalid byte sequence, to cause a daemon crash. (CVE-2011-1786) | Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1. | https://www.vmware.com/security/advisories/VMSA-2011-0007 http://lists.vmware.com/pipermail/security-announce/2011/000133.html | Version : ESX 4.0 Installed build : 208167 Fixed build : 392990 | |
| 57173 | H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv | 8672 | 89676 | CVE-2011-1785 | 7.8 | High | 172.16.240.115 | tcp | 443 | VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0007) (remote check) | The remote VMware ESX / ESXi host is missing a security-related patch. | The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - Multiple forgery vulnerabilities exist in the bundled version of MIT Kerberos 5 (krb5). An attacker can exploit these issues to impersonate a client, escalate privileges, and disclose sensitive information. (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4021) - A local arbitrary code execution vulnerability exists in the Kernel in the do_anonymous_page() function due to improper separation of the stack and the heap. A local attacker can exploit this vulnerability to execute arbitrary code. (CVE-2010-2240) - A denial of service vulnerability exists that allows a remote attacker to exhaust available sockets, preventing further connections. (CVE-2011-1785) - A denial of service vulnerability exists in the bundled version of lsassd in Likewise Open. A remote attacker can exploit this, via an Active Directory login attempt that provides a username containing an invalid byte sequence, to cause a daemon crash. (CVE-2011-1786) | Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1. | https://www.vmware.com/security/advisories/VMSA-2011-0007 http://lists.vmware.com/pipermail/security-announce/2011/000133.html | Version : ESX 4.0 Installed build : 208167 Fixed build : 392990 |
