Summary
This host installed with TLS/SSL protocol which is prone to Spoofing Vulnerability
Impact
Successful exploitation could allow remote attackers to prepend content into a legitimate, client-initiated request to a server in the context of a valid TLS/SSL-authenticated session.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/advisory/977377.mspx
Insight
The flaw is due to an error in TLS/SSL, allows a malicious man-in-the-middle attack to introduce and execute a request in the protected TLS/SSL session between a client and a server.
Affected
Microsoft Windows XP Service Pack 3 and prior
Microsoft Windows 2000 Service Pack 4 and prior
Microsoft Windows 2003 Service Pack 2 and prior
References
Severity
Classification
-
CVE CVE-2009-3555 -
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:N/I:P/A:P
Related Vulnerabilities