SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Instant Messaging/IRC/Chat)  >   Microsoft Lync
Vendors:   Microsoft
Microsoft Lync Bugs Permit Cross-Site Scripting and Denial of Service Attacks
SecurityTracker Alert ID:  1030821
SecurityTracker URL:  http://securitytracker.com/id/1030821
CVE Reference:   CVE-2014-4068, CVE-2014-4070, CVE-2014-4071
Updated:  Sep 24 2014
Original Entry Date:  Sep 9 2014
Impact:   Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 2010, 2013
Description:   Three vulnerabilities were reported in Microsoft Lync. A remote user can cause denial of service conditions. A remote user can conduct cross-site scripting attacks.

A remote user can send a specially crafted call to trigger an exception handling error on the server and cause the target system to stop responding [CVE-2014-4068].

Peter Schraffl of Telecommunication Software GmbH reported this vulnerability.

The server does not properly filter HTML code from user-supplied input before displaying the input [CVE-2014-4070]. A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the Microsoft Lync software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Noam Rathaus (via Beyond Security's SecuriTeam Secure Disclosure team) reported this vulnerability.

A remote user can send a specially crafted request to trigger a null dereference and cause the target system to stop responding [CVE-2014-4071].

Impact:   A remote user can cause the target system to stop responding.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Microsoft Lync software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Solution:   The vendor has issued the following fixes:

Microsoft Lync Server 2010 (Response Group Service):

http://www.microsoft.com/downloads/details.aspx?familyid=242b60fd-e25b-4ea3-9666-b9a4ea2e7dfd

Microsoft Lync Server 2013 (Server):

http://www.microsoft.com/downloads/details.aspx?familyid=ec851cbf-83eb-44d0-8325-56fc2d5e13fd

Microsoft Lync Server 2013 (Response Group Service):

http://www.microsoft.com/downloads/details.aspx?familyid=ec851cbf-83eb-44d0-8325-56fc2d5e13fd

Microsoft Lync Server 2013 (Core Components):

http://www.microsoft.com/downloads/details.aspx?familyid=ec851cbf-83eb-44d0-8325-56fc2d5e13fd

Microsoft Lync Server 2013 (Web Components Server):

http://www.microsoft.com/downloads/details.aspx?familyid=ec851cbf-83eb-44d0-8325-56fc2d5e13fd

[Editor's note: On September 16, 2014, the vendor updated their advisory to remove the fix for Microsoft Lync Server 2010 Server version because this version is not affected.]

[Editor's Note: On September 23, 2014, the vendor re-offered the 2982385 security update file (server.msp) for Microsoft Lync Server 2010. The vendor recommends that customers apply this update.]

A restart is not required.

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms14-055

Vendor URL:  technet.microsoft.com/library/security/ms14-055
Cause:   Access control error, Input validation error
Underlying OS:  Windows (Any)

Message History:   None.
