Windows Server Message Block Parsing Errors Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1025328 |
|
SecurityTracker URL: http://securitytracker.com/id/1025328
|
|
CVE Reference:
CVE-2011-0654, CVE-2011-0660
(Links to External Site)
|
Date: Apr 12 2011
|
Impact:
Execution of arbitrary code via network, Root access via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1; and prior service packs
|
Description:
Two vulnerabilities were reported in Windows Server Message Block. A remote user can execute arbitrary code on the target system.
A remote user can send a specially crafted Computer Browser message to trigger a parsing error in the target client's CIFS Browser Protocol implementation and execute arbitrary code on the target system [CVE-2011-0654]. The code will run with the System-level privileges.
A remote user can send a specially crafted SMB response to the connect client to trigger a parsing error and execute arbitrary code on the target system [CVE-2011-0660].
|
Impact:
A remote user can execute arbitrary code on the target system.
|
Solution:
The vendor has issued the following fixes:
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=F5378E7B-4619-4C42-9D9F-87B209C6D878
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=C01441DA-8933-4F60-923B-D9B00DB8BA3D
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=D46FE0BF-28C2-4696-87BC-DD3C8287FC28
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=CA0FB4D3-7651-4760-83FA-B71C86CBE459
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=87EB8B93-9829-45EC-9528-52787732044E
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=DA8DD55D-6630-484E-836C-9FEEAB5CC311
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=040F8B46-F458-4A72-A1B0-AD8A65A1194C
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=F8C9390A-5CA1-492A-9E35-A516DE48DEB5
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=B0CFD5E0-6DE5-4863-B5E4-B223A0E36D72
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=8EAF51CD-2F6E-4BBC-BC4F-9DEED03649AC
Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=0DCBA089-19F7-46CA-9E52-24EAEBAD4715
Windows 7 for 32-bit Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=0DCBA089-19F7-46CA-9E52-24EAEBAD4715
Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=B7FD356A-56D0-4638-8901-40ACFA600F25
Windows 7 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=B7FD356A-56D0-4638-8901-40ACFA600F25
Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=27A3847B-695B-4F60-AEA5-86B0DBE68945
Windows Server 2008 R2 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=27A3847B-695B-4F60-AEA5-86B0DBE68945
Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1E7D3F21-BDBD-4826-855D-85422AA5F836
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=1E7D3F21-BDBD-4826-855D-85422AA5F836
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms11-019.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms11-019.mspx (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 12 Apr 2011 17:43:03 +0000
Subject: http://www.microsoft.com/technet/security/bulletin/ms11-019.mspx
|
Microsoft Security Bulletin MS11-019 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)
CVE-2011-0654
CVE-2011-0660
[solution_section]
The vendor has issued the following fixes:
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=F5378E7B-4619-4C42-9D9F-87B209C6D878
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=C01441DA-8933-4F60-923B-D9B00DB8BA3D
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=D46FE0BF-28C2-4696-87BC-DD3C8287FC28
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=CA0FB4D3-7651-4760-83FA-B71C86CBE459
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=87EB8B93-9829-45EC-9528-52787732044E
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=DA8DD55D-6630-484E-836C-9FEEAB5CC311
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=040F8B46-F458-4A72-A1B0-AD8A65A1194C
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=F8C9390A-5CA1-492A-9E35-A516DE48DEB5
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=B0CFD5E0-6DE5-4863-B5E4-B223A0E36D72
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=8EAF51CD-2F6E-4BBC-BC4F-9DEED03649AC
Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=0DCBA089-19F7-46CA-9E52-24EAEBAD4715
Windows 7 for 32-bit Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=0DCBA089-19F7-46CA-9E52-24EAEBAD4715
Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=B7FD356A-56D0-4638-8901-40ACFA600F25
Windows 7 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=B7FD356A-56D0-4638-8901-40ACFA600F25
Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=27A3847B-695B-4F60-AEA5-86B0DBE68945
Windows Server 2008 R2 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=27A3847B-695B-4F60-AEA5-86B0DBE68945
Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1E7D3F21-BDBD-4826-855D-85422AA5F836
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=1E7D3F21-BDBD-4826-855D-85422AA5F836
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms11-019.mspx
[/solution_section]
[bugno]2511455
[msno]MS11-019
[severity]Critical
|
|
