SecurityTracker.com
Category:   Application (Multimedia)  >   Windows Media Player
Vendors:   Microsoft
Windows Media Player Service Principal Name NTLM Authentication Implementation Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1021373
SecurityTracker URL:  http://securitytracker.com/id/1021373
CVE Reference:   CVE-2008-3009
Updated:  Nov 25 2009
Original Entry Date:  Dec 10 2008
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 6.4
Description:   A vulnerability was reported in Windows Media Player. A remote user can cause arbitrary code to be executed on the target user's system.

The Service Principal Name (SPN) implementations do not properly implement NTLM credential-reflection protections. A remote server can capture the target user's authentication credentials and then reflect the credentials back to the target user's system or forward them on to other remote systems.

This can be exploited to execute arbitrary code on the target user's system.

Impact:   A remote user can execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Server Service Pack 4, Windows Media Player 6.4:

http://www.microsoft.com/downloads/details.aspx?familyid=C33D558E-45F9-4E85-B48C-03BD0E8CB4BC

Windows XP Service Pack 2 and Windows XP Service Pack 3, Windows Media Player 6.4:

http://www.microsoft.com/downloads/details.aspx?familyid=99241309-E644-4088-A8F3-38837FAB4037

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Player 6.4:

http://www.microsoft.com/downloads/details.aspx?familyid=946D47C9-B208-4FAB-8EF6-774413D61BC8

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Media Player 6.4:

http://www.microsoft.com/downloads/details.aspx?familyid=2315CE20-2F46-42C2-BB40-045F003409D7

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Player 6.4:

http://www.microsoft.com/downloads/details.aspx?familyid=4C29BED9-1B88-4D2F-80A5-305C2BEDD89F

Microsoft Windows 2000 Service Pack 4, Windows Media Format Runtime 7.1 and Windows Media Format Runtime 9.0:

http://www.microsoft.com/downloads/details.aspx?familyid=6A459497-0AB8-41CB-87D0-B551631D8D8A

Windows XP Service Pack 2, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5, and Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=504F816C-F554-4B93-AC28-B085574D9BAC

Windows XP Service Pack 3, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5, and Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=AD76FCF3-A2F9-4E36-BD1B-C1536749173C

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 and Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=644EF023-EE40-45B0-9C9D-C76D9FAB0005

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?familyid=AE9E8B07-5354-42F3-A226-BA2193244524

Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Media Format Runtime 11 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?familyid=2DADC017-2BE5-4240-AB8F-0291756DCA6B

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Media Format Runtime 9.5:

http://www.microsoft.com/downloads/details.aspx?familyid=D8958248-C889-499E-A6A9-3B394CDB27EA

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 9.5:

http://www.microsoft.com/downloads/details.aspx?familyid=2278022E-A716-46C0-BEDF-D626933BD815

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 9.5 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?familyid=AE9E8B07-5354-42F3-A226-BA2193244524

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Format Runtime 11 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?familyid=2DADC017-2BE5-4240-AB8F-0291756DCA6B

Windows Vista and Windows Vista Service Pack 1, Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=1FCDC8DD-26D9-4D1A-8B3F-7B6A21A95999

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1, Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=8839F6CD-DFBF-448C-BF1E-1DA9BB5F3F25

Windows Server 2008 for 32-bit Systems, Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=91EC4195-BC1C-444E-A7B0-EBDE46C088FA

Windows Server 2008 for x64-based Systems, Windows Media Format Runtime 11:

http://www.microsoft.com/downloads/details.aspx?familyid=8CAB6FE8-161D-4D8C-9772-EB3174A2C3C3

On January 13, 2009, Microsoft reported that new update packages for Windows Media Format Runtime 9.5 on Windows XP Service Pack 2 (KB952069) and on Windows XP Service Pack 3 (KB952069) are available.

On November 24, 2009, Microsoft updated MS08-076 to indicate that the update for the Windows XP Embedded operating system has been re-released. Customers using the Windows XP Embedded operating system should apply the new fix.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms08-076.mspx
Cause:   Authentication error
Underlying OS:  Windows (Any)

Message History:   None.

