CVE-2008-2246

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Vista; Windows-nt
Vendor: CVE Published:; 13 August 2008

Summary

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.us-cert.gov/cas/techalerts/TA08-225A.html

third-party-advisoryx_refsource_CERT

http://marc.info/?l=bugtraq&m=121915960406986&w=2

vendor-advisoryx_refsource_HP

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 13, 2008
Vulnerability Reserved
May 16, 2008

Collectors

NVD DatabaseMitre Database