SecurityTracker.com
Category:   Application (Security)  >   Microsoft Internet Authentication Service
Vendors:   Microsoft
Microsoft Internet Authentication Service Bugs Let Remote Authenticated Users Execute Arbitrary Code or Gain Privileges of the Target User
SecurityTracker Alert ID:  1023291
SecurityTracker URL:  http://securitytracker.com/id/1023291
CVE Reference:   CVE-2009-2505, CVE-2009-3677
Date:  Dec 8 2009
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Two vulnerabilities were reported in Microsoft Internet Authentication Service. A remote authenticated user can execute arbitrary code on the target system. A remote authenticated user can gain the privileges of the target user.

A remote authenticated user can send specially crafted Protected Extensible Authentication Protocol (PEAP) authentication requests to trigger a memory error and execute arbitrary code on the target system [CVE-2009-2505]. The code will run with the privileges of the target service.

A remote authenticated user can send a specially crafted Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) authentication request to obtain access to network resources with the privileges of a target user [CVE-2009-3677].

Impact:   A remote authenticated user can execute arbitrary code on the target system. A remote authenticated user can gain access privileges of the target user.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?familyid=5b02d10d-1abd-4d68-826b-71dad543657a

Windows XP Service Pack 2 and Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=4d294be6-19d1-43b5-9c75-f9d30699a2e7

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=17b5206d-61e9-4663-afc7-80e98bf4d618

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=3d49b386-133a-4d51-b6f0-cec0c70ef93e

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=5a273b47-8a18-4778-9b60-8b560a1ce089

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=498f5eeb-d03e-42ee-ad6a-9d6f98c66acb

Windows Vista and Windows Vista Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=3e4ae4d0-1060-4867-82c5-7e20ea93c2c6

Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=3e4ae4d0-1060-4867-82c5-7e20ea93c2c6

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=2ca62ea8-67cb-40da-8a65-db6f3607bbab

Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=2ca62ea8-67cb-40da-8a65-db6f3607bbab

Windows Server 2008 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=582a1b15-214e-4f5e-bb5b-95677f4d5968

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=582a1b15-214e-4f5e-bb5b-95677f4d5968

Windows Server 2008 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=77e774b4-ec0c-481c-9e93-eee9f44ec71b

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=77e774b4-ec0c-481c-9e93-eee9f44ec71b

Windows Server 2008 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=89defe77-7e82-4bfa-9693-66c93b930da1

Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=89defe77-7e82-4bfa-9693-66c93b930da1

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-071.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-071.mspx
Cause:   Access control error
Underlying OS:  Windows (2000), Windows (2003), Windows (2008), Windows (Vista), Windows (XP)
Underlying OS Comments:  2000 SP4, 2003 SP2, XP SP3, Vista SP2, 2008 SP2; and prior service packs

Message History:   None.



Copyright 2019, SecurityGlobal.net LLC