Course Hero Logo

CYB400_ProjectOne.docx - PROJECT ONE: SECURITY ASSESEMENT...

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 3 out of 4 pages.

Kristi ElliotCYB 400: SECURITY ASSESMENT & AUDITINGSouthern New Hampshire UniversityPROJECT ONE: SECURITYASSESEMENTASSESMENTATIONS
Scheduled MaintenanceThe OpenVAS report of BrainMeld's network shows two vulnerabilities in the ScheduledMaintenance category. The first vulnerability is NVT: Microsoft Windows SMB Server NTLMMultiple Vulnerabilities. The report states that the host is missing a critical security update,according to Microsoft Bulletin MS10-012. The OpenVAS scan provided insight into thisvulnerability, which includes the following information: an input validation error exists whileprocessing SMB requests and can be exploited to cause a buffer overflow via a specially craftedSMB packet,an error exists in the SMB implementation while parsing SMB packets during theNegotiate phase causing memory corruption via a specially crafted SMB packet, NULL pointerdereference error exists in SMB while verifying the 'share' and 'servername' ˝elds in SMBpackets causing denial of service, and a lack of cryptographic entropy when the SMB servergenerates challenges during SMB NTLM authentication and can be exploited to bypass theauthentication mechanism.If a threat actor exploits this vulnerability, it would have a disastrous impact. It would allowremote attackers to execute arbitrary code or cause a denial of service (DoS). Attackers couldalso use brute force to bypass authentication mechanisms. Mitigating this vulnerability would beeasy because Microsoft has released a security update to fix it. Our cybersecurity teamrecommends that IT staff download and install a security update as soon as possible. The updateshould take less than a few hours to complete and configure. The IT staff should reference theofficial Microsoft Bulletin MS10-012 for this vulnerability to find the correct update and

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 4 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A
Tags
Computer Security, Microsoft SQL Server, Exploit

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture