ID

VAR-201006-1235

CVE

CVE-2010-1256

TITLE

Microsoft IIS Vulnerable to arbitrary code execution

DESCRIPTION

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability.". Microsoft IIS is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 6.0, 7.0 and 7.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-159B Microsoft Updates for Multiple Vulnerabilities Original release date: June 08, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer * Microsoft Office * Microsoft SharePoint Services * Microsoft .NET Framework Overview Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Office, Microsoft SharePoint Services, and Microsoft .NET Framework. I. Description The Microsoft Security Bulletin Summary for June 2010 describes vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint Services, and .NET Framework. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2010. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for June 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-159B.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-159B Feedback VU#855166" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 08, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTA6Wzj6pPKYJORa3AQLl4Qf/dTsaW53BBruyFOcypbooTw5ULG9E5wPa /DEiksCuX8hYOoev9jDDyhXZQIaE2OrkWdLpJJBtXwJJ4XhBqyni3fhQFrIkwGVQ 3w3068TGE6v/sjV/W/qWmkZjl4r+FIcR9VRlulLet9ZZAxoJ7VgTg/1O8eixr7SO HpO+Xb3l3d4/XUGtTKCu5DsTTD1l6qQr66m3l4o26Bj834qfh0fvfneZHXCy3PUH /lE3nFxH3M+JOQEdapgc/aYVnrcroZKix61lfs2S1NIUxvBAxea0UFZtywIId0hK Sh2LGp7tUlXpfk8oo8LMgKG1y25xYmLE5WYIhO4E6Mas3jT/9ArwHQ== =mq6Z -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management Free webinars http://secunia.com/vulnerability_scanning/corporate/webinars/ ---------------------------------------------------------------------- TITLE: Microsoft Internet Information Services Authentication Memory Corruption SECUNIA ADVISORY ID: SA40079 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40079/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40079 RELEASE DATE: 2010-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/40079/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40079/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40079 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Internet Information Services, which can be exploited by malicious users to potentially compromise a vulnerable system. The vulnerability is caused due to improper handling of authentication tokens and can be exploited to corrupt memory via a specially a crafted authentication packet. Successful exploitation requires the "Extended Protection for Authentication" feature to be enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-040 (KB982666): http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

code injection

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Microsoft

SOURCES

LAST UPDATE DATE

2024-11-23T20:28:30.323000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE