|
Saturday, 12 December 2009 03:35 |
On Tuesday, December 8, Microsoft has released MS09-071 - Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318). This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service are only affected when using PEAP with MS-CHAP v2 authentication. The security update addresses the vulnerabilities by correcting the way Internet Authentication Service validates authentication requests by PEAP clients. Microsoft ratings for MS09-071: Maximum Severity Rating - Critical Impact of Vulnerability - Remote Code Execution MS09-071 addresses the following CVEs: Internet Authentication Service Memory Corruption Vulnerability - CVE-2009-2505 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2505 A remote code execution vulnerability exists in implementations of Protected Extensible Authentication Protocol (PEAP) on the Internet Authentication Service. The vulnerability is due to incorrect copying into memory of messages received by the server when handling PEAP authentication attempts. An attacker who successfully exploited this vulnerability could take complete control of an affected system. MS-CHAP Authentication Bypass Vulnerability - CVE-2009-3677 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3677 An elevation of privilege vulnerability exists in the Internet Authentication Service. An attacker could send a specially crafted Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) authentication request that could obtain access to network resources under the privileges of a specific, authorized user.
Source : http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=984107&poid=
|
