SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Drivers Vendors:   Microsoft
Microsoft Windows WebDAV Kernel-Mode Driver Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1031531
SecurityTracker URL:  http://securitytracker.com/id/1031531
CVE Reference:   CVE-2015-0011   (Links to External Site)
Date:  Jan 13 2015
Impact:   User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT, RT 8.1; and prior service packs
Description:   A vulnerability was reported in Microsoft Windows WebDAV Kernel-Mode Driver. A local user can obtain elevated privileges on the target system.

The WebDAV kernel-mode driver (mrxdav.sys) does not properly validate and enforce impersonation levels. A local user can exploit this to gain elevated privileges and intercept WebDAV requests for files from arbitrary servers and redirect those requests to return arbitrary files.

James Forshaw of Google Project Zero reported this vulnerability.

Impact:   A local user can intercept WebDAV requests for files from arbitrary servers and redirect those requests to return arbitrary files.
Solution:   The vendor has issued the following fixes:

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=5F9F2F1B-C262-4383-A18A-E55AAAAF9720

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=B6C87206-0F63-4DED-A4B4-AF8E3221E317

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=A0D509C1-754D-4623-A0EA-BEEC462DAA5B

Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=5EA1CF71-5A13-4334-9643-A539409F2B1C

Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=596880E4-8072-4D8D-9A9E-84CFD8F76650

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=968408C2-DE0D-42F4-87FB-46DB27865A34

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=8A04418C-AEAA-469C-9939-8C0D0726FF3B

Windows 7 for 32-bit Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=BD38BB72-CEAA-42D6-BCAF-0FF91FC69987

Windows 7 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=97CD3BAD-FBFF-4CDC-9A03-E6C807EC7CD8

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=2160B5CA-CC19-4BA2-9589-483557049AD5

Windows 8 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=9F8E70D3-2710-497E-8065-42B855227EE0

Windows 8 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=E7308A13-2703-4BA6-A09E-A54E003C8729

Windows 8.1 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=B9913A15-30D5-407C-9190-0CDC00712BDF

Windows 8.1 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=B89407F9-1D9C-4538-939E-CAD2665E7788

Windows Server 2012:

http://www.microsoft.com/downloads/details.aspx?familyid=45D0C3F1-26A5-4694-B864-79F3DB7E9E3A

Windows Server 2012 R2:

http://www.microsoft.com/downloads/details.aspx?familyid=549282B7-2F31-4263-9A3F-D4A0CFA0BB0F

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms15-008

Vendor URL:  technet.microsoft.com/library/security/ms15-008 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC