Vulnerabilities > CVE-2017-0051 - Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
Attack vector
ADJACENT_NETWORK Attack complexity
HIGH Privileges required
HIGH Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0074, CVE-2017-0076, CVE-2017-0097, CVE-2017-0098, and CVE-2017-0099.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Msbulletin
| bulletin_id | MS17-008 |
| bulletin_url | |
| date | 2017-03-14T00:00:00 |
| impact | Remote Code Execution |
| knowledgebase_id | 4013082 |
| knowledgebase_url | |
| severity | Critical |
| title | Security Update for Windows Hyper-V |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS17-008.NASL |
| description | The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to improper validation of vSMB packets. An attacker on a guest operating system can exploit these vulnerabilities, via a specially crafted application, to execute arbitrary code on the host. (CVE-2017-0021, CVE-2017-0095) - Multiple denial of service vulnerabilities exist due to improper validation of input from a privileged user on a guest operating system. An attacker with a privileged account on a guest operating system can exploit these vulnerabilities, via a specially crafted application, to crash the host machine. (CVE-2017-0051, CVE-2017-0074, CVE-2017-0076, CVE-2017-0097, CVE-2017-0098, CVE-2017-0099) Note that customers who have not enabled the Hyper-V role are not affected. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 97745 |
| published | 2017-03-15 |
| reporter | This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/97745 |
| title | MS17-008: Security Update for Windows Hyper-V (4013082) |