Windows Media Player Service Principal Name NTLM Authentication Implementation Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1021373
SecurityTracker URL: http://securitytracker.com/id/1021373
CVE Reference: CVE-2008-3009
Updated: Nov 25 2009
Original Entry Date: Dec 10 2008
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 6.4
Description:
A vulnerability was reported in Windows Media Player. A remote user can cause arbitrary code to be executed on the target user's system.
The Service Principal Name (SPN) implementations do not properly implement NTLM credential-reflection protections. A remote server can capture the target user's authentication credentials and then reflect the credentials back to the target user's system or forward them on to other remote systems.
This can be exploited to execute arbitrary code on the target user's system.
Impact:
A remote user can execute arbitrary code on the target user's system.
Solution:
The vendor has issued the following fixes:
Microsoft Windows 2000 Server Service Pack 4, Windows Media Player 6.4:
http://www.microsoft.com/downloads/details.aspx?familyid=C33D558E-45F9-4E85-B48C-03BD0E8CB4BC
Windows XP Service Pack 2 and Windows XP Service Pack 3, Windows Media Player 6.4:
http://www.microsoft.com/downloads/details.aspx?familyid=99241309-E644-4088-A8F3-38837FAB4037
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Player 6.4:
http://www.microsoft.com/downloads/details.aspx?familyid=946D47C9-B208-4FAB-8EF6-774413D61BC8
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Media Player 6.4:
http://www.microsoft.com/downloads/details.aspx?familyid=2315CE20-2F46-42C2-BB40-045F003409D7
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Player 6.4:
http://www.microsoft.com/downloads/details.aspx?familyid=4C29BED9-1B88-4D2F-80A5-305C2BEDD89F
Microsoft Windows 2000 Service Pack 4, Windows Media Format Runtime 7.1 and Windows Media Format Runtime 9.0:
http://www.microsoft.com/downloads/details.aspx?familyid=6A459497-0AB8-41CB-87D0-B551631D8D8A
Windows XP Service Pack 2, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5, and Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=504F816C-F554-4B93-AC28-B085574D9BAC
Windows XP Service Pack 3, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5, and Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=AD76FCF3-A2F9-4E36-BD1B-C1536749173C
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 and Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=644EF023-EE40-45B0-9C9D-C76D9FAB0005
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=AE9E8B07-5354-42F3-A226-BA2193244524
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 11 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=2DADC017-2BE5-4240-AB8F-0291756DCA6B
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Media Format Runtime 9.5:
http://www.microsoft.com/downloads/details.aspx?familyid=D8958248-C889-499E-A6A9-3B394CDB27EA
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 9.5:
http://www.microsoft.com/downloads/details.aspx?familyid=2278022E-A716-46C0-BEDF-D626933BD815
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=AE9E8B07-5354-42F3-A226-BA2193244524
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 11 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=2DADC017-2BE5-4240-AB8F-0291756DCA6B
Windows Vista and Windows Vista Service Pack 1, Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=1FCDC8DD-26D9-4D1A-8B3F-7B6A21A95999
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1, Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=8839F6CD-DFBF-448C-BF1E-1DA9BB5F3F25
Windows Server 2008 for 32-bit Systems, Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=91EC4195-BC1C-444E-A7B0-EBDE46C088FA
Windows Server 2008 for x64-based Systems, Windows Media Format Runtime 11:
http://www.microsoft.com/downloads/details.aspx?familyid=8CAB6FE8-161D-4D8C-9772-EB3174A2C3C3
On January 13, 2009, Microsoft reported that new update packages for Windows Media Format Runtime 9.5 on Windows XP Service Pack 2 (KB952069) and on Windows XP Service Pack 3 (KB952069) are available.
On November 24, 2009, Microsoft updated MS08-076 to indicate that the update for the Windows XP Embedded operating system has been re-released. Customers using the Windows XP Embedded operating system should apply the new fix.
The vendor's advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx
Vendor URL: www.microsoft.com/technet/security/bulletin/ms08-076.mspx
Cause: Authentication error
Underlying OS: Windows (Any)