SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Multimedia)  >   Windows Media Services Vendors:   Microsoft
Windows Media Services Service Principal Name NTLM Authentication Implementation Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1021372
SecurityTracker URL:  http://securitytracker.com/id/1021372
CVE Reference:   CVE-2008-3009   (Links to External Site)
Updated:  Nov 25 2009
Original Entry Date:  Dec 10 2008
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.1, 9, 2008
Description:   Two vulnerabilities were reported in Windows Media Services. A remote user can cause arbitrary code to be executed on the target user's system.

The Service Principal Name (SPN) implementations do not properly implement NTLM credential-reflection protections. A remote server can capture the target user's authentication credentials and then reflect the credentials back to the target user's system or forward them on to other remote systems.

This can be exploited to execute arbitrary code on the target user's system.

Impact:   A remote user can execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Server Service Pack 4, Windows Media Services 4.1:

http://www.microsoft.com/downloads/details.aspx?familyid=58B7D241-CEF6-48FA-AA52-017695F71DB1

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Media Services 9 Series:

http://www.microsoft.com/downloads/details.aspx?familyid=E71ABC2D-D60E-444A-9B7B-062C5805FE9E

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Media Services 9 Series:

http://www.microsoft.com/downloads/details.aspx?familyid=E0030155-1A9A-46CC-BBC8-6D0D1ED65C1F

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2*, Windows Media Services 2008:

http://www.microsoft.com/downloads/details.aspx?familyid=FFB5D945-7F98-4849-B020-ED4873FA42DF

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems SP2*, Windows Media Services 2008:

http://www.microsoft.com/downloads/details.aspx?familyid=0204A366-5641-4036-9CB0-A46D04AF9D72

On November 24, 2009, Microsoft updated MS08-076 to indicate that the update for Windows XP Embedded operating system has be re-released. Customers using Windows XP Embedded operating system should apply the new fix.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms08-076.mspx (Links to External Site)
Cause:   Authentication error
Underlying OS:  Windows (2000), Windows (2003), Windows (2008)
Underlying OS Comments:  2000 SP4, 2003 SP2, 2008 SP2; and prior service packs

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC