Summary
This host is missing an moderate security update according to Microsoft Bulletin MS14-042
Impact
Successful exploitation will allow remote attackers to cause a Denial of Service.
Impact Level: Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms14-042
Insight
The flaw is due to an unspecified error when handling Advanced Message Queuing Protocol (AMQP) messages and can be exploited to cause Microsoft Service Bus to stop responding to incoming messages by sending specially crafted AMQP messages.
Affected
Microsoft Service Bus 1.1 on
Microsoft Windows Server 2012/R2
Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVE CVE-2014-2814 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft Window XML Core Services Information Disclosure Vulnerability (2966061)
- Microsoft Windows LSASS Denial of Service Vulnerability (975467)
- Microsoft .NET Framework Security Bypass Vulnerability (2984625)
- Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
- Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (2829254)