Details of VAR-201009-0027

ID

VAR-201009-0027

CVE

CVE-2010-2730

TITLE

Microsoft Internet Information Services Vulnerable to buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2010-002097

DESCRIPTION

Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability.". Microsoft IIS is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 7.5 on Windows 7 and Windows Server 2008 R2. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft IIS FastCGI Request Header Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41375 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41375/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41375/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41375/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Internet Information Services, which can be exploited by malicious people to compromise a vulnerable system. Successful exploitation requires that FastCGI is enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Travis Raybold, Rubicon West. ORIGINAL ADVISORY: MS10-065 (KB2267960, KB2271195): http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-257A Microsoft Updates for Multiple Vulnerabilities Original release date: September 14, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for September 2010 describes multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for September 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-257A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-257A Feedback VU#447990" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History September 14, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTI/u6T6pPKYJORa3AQKfgQgAsBDEHMH+Dq73qHFwsGnUIBWi7DkAV64s 0tz109GDGQRXL/MkXwWfaFfDc+h4ZUgjfVv93GBjK0NI78mYOWxSS7Pd3WhD6TaH YFcDcF4IW06Er4wEjgR+y5fTvF17k3Cix0GdsVzet/I2XMd4uCnIrHyLzLgZhf5s sWtv+kLaqCKUl8zsmcpmTcKUt+V2U3VWGeICIwuZXjB8FNHWuzYN1r/togFt0tcA 16gtGSCmdJy6Er+FyXxTJvWX4uJywBTDtIZZY/xyhGp2dBWUdOfY1k+7C5Dp/tCY Rq9tOY6caxHUYmitTtABaop83jTJFnS53lQJo4UizDNQoNbRSUIVFA== =dDpT -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2010-2730 // JVNDB: JVNDB-2010-002097 // BID: 43138 // VULMON: CVE-2010-2730 // PACKETSTORM: 93826 // PACKETSTORM: 93868

AFFECTED PRODUCTS

vendor:	microsoft	model:	iis	scope:	eq	version:	7.5	Trust: 1.7
vendor:	microsoft	model:	internet information services	scope:	eq	version:	7.5	Trust: 1.0
vendor:	microsoft	model:	windows 7	scope:	eq	version:	(x32)	Trust: 0.8
vendor:	microsoft	model:	windows 7	scope:	eq	version:	(x64)	Trust: 0.8
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	r2(itanium)	Trust: 0.8
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	r2(x64)	Trust: 0.8
vendor:	avaya	model:	messaging application server mm	scope:	eq	version:	3.1	Trust: 0.3
vendor:	avaya	model:	messaging application server mm	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	messaging application server mm	scope:	eq	version:	2.0	Trust: 0.3
vendor:	avaya	model:	messaging application server mm	scope:	eq	version:	1.1	Trust: 0.3
vendor:	avaya	model:	messaging application server	scope:	eq	version:	5	Trust: 0.3
vendor:	avaya	model:	messaging application server	scope:	eq	version:	4	Trust: 0.3
vendor:	avaya	model:	messaging application server	scope:	eq	version:	0	Trust: 0.3
vendor:	avaya	model:	meeting exchange webportal	scope:	eq	version:	-0	Trust: 0.3
vendor:	avaya	model:	meeting exchange web conferencing server	scope:	eq	version:	-0	Trust: 0.3
vendor:	avaya	model:	meeting exchange streaming server	scope:	eq	version:	-0	Trust: 0.3
vendor:	avaya	model:	meeting exchange recording server	scope:	eq	version:	-0	Trust: 0.3
vendor:	avaya	model:	meeting exchange client registration server	scope:	eq	version:	-0	Trust: 0.3
vendor:	avaya	model:	callpilot unified messaging	scope:	eq	version:	0	Trust: 0.3
vendor:	avaya	model:	aura conferencing standard	scope:	eq	version:	6.0	Trust: 0.3

sources: BID: 43138 // JVNDB: JVNDB-2010-002097 // CNNVD: CNNVD-201009-133 // NVD: CVE-2010-2730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-2730
value:	HIGH
Trust: 1.0
NVD:	CVE-2010-2730
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201009-133
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2010-2730
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2010-2730
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: VULMON: CVE-2010-2730 // JVNDB: JVNDB-2010-002097 // CNNVD: CNNVD-201009-133 // NVD: CVE-2010-2730

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2010-002097 // NVD: CVE-2010-2730

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201009-133

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201009-133

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-002097

PATCH

title:	MS10-065	url:	http://www.microsoft.com/technet/security/bulletin/MS10-065.mspx	Trust: 0.8
title:	MS10-065	url:	http://www.microsoft.com/japan/technet/security/bulletin/ms10-065.mspx	Trust: 0.8
title:	MS10-065e	url:	http://www.microsoft.com/japan/security/bulletins/MS10-065e.mspx	Trust: 0.8
title:	TA10-257A	url:	http://software.fujitsu.com/jp/security/vulnerabilities/ta10-257a.html	Trust: 0.8
title:	Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2271195)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=34197	Trust: 0.6
title:	Security Update for Windows 7 for x64-based Systems (KB2271195) Security Update for Windows Server 2008 R2 x64 Edition (KB2271195)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=34196	Trust: 0.6
title:	Security Update for Windows 7 (KB2271195)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=34195	Trust: 0.6
title:	-	url:	https://github.com/bioly230/THM_Alfred	Trust: 0.1

sources: VULMON: CVE-2010-2730 // JVNDB: JVNDB-2010-002097 // CNNVD: CNNVD-201009-133

EXTERNAL IDS

db:	NVD	id:	CVE-2010-2730	Trust: 2.8
db:	BID	id:	43138	Trust: 1.1
db:	USCERT	id:	TA10-257A	Trust: 0.9
db:	SECUNIA	id:	41375	Trust: 0.9
db:	VUPEN	id:	ADV-2010-2386	Trust: 0.8
db:	USCERT	id:	SA10-257A	Trust: 0.8
db:	JVNDB	id:	JVNDB-2010-002097	Trust: 0.8
db:	CNNVD	id:	CNNVD-201009-133	Trust: 0.6
db:	VULMON	id:	CVE-2010-2730	Trust: 0.1
db:	PACKETSTORM	id:	93826	Trust: 0.1
db:	PACKETSTORM	id:	93868	Trust: 0.1

sources: VULMON: CVE-2010-2730 // BID: 43138 // JVNDB: JVNDB-2010-002097 // PACKETSTORM: 93826 // PACKETSTORM: 93868 // CNNVD: CNNVD-201009-133 // NVD: CVE-2010-2730

REFERENCES

url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6933	Trust: 1.7
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2730	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2010/at100023.txt	Trust: 0.8
url:	http://jvn.jp/cert/jvnta10-257a/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2730	Trust: 0.8
url:	http://secunia.com/advisories/41375	Trust: 0.8
url:	http://www.securityfocus.com/bid/43138	Trust: 0.8
url:	http://www.us-cert.gov/cas/alerts/sa10-257a.html	Trust: 0.8
url:	http://www.us-cert.gov/cas/techalerts/ta10-257a.html	Trust: 0.8
url:	http://www.vupen.com/english/advisories/2010/2386	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/#topics	Trust: 0.8
url:	http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx	Trust: 0.4
url:	http://www.microsoft.com/windowsserver2003/iis/default.mspx	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100110750	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/bioly230/thm_alfred	Trust: 0.1
url:	http://secunia.com/advisories/41375/	Trust: 0.1
url:	http://secunia.com/products/corporate/evm/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/41375/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/advisories/windows_insecure_library_loading/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=41375	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://www.us-cert.gov/cas/techalerts/ta10-257a.html>	Trust: 0.1
url:	http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx>	Trust: 0.1
url:	http://www.us-cert.gov/cas/signup.html>.	Trust: 0.1
url:	http://www.us-cert.gov/legal.html>	Trust: 0.1
url:	http://technet.microsoft.com/en-us/wsus/default.aspx>	Trust: 0.1

sources: VULMON: CVE-2010-2730 // BID: 43138 // JVNDB: JVNDB-2010-002097 // PACKETSTORM: 93826 // PACKETSTORM: 93868 // CNNVD: CNNVD-201009-133 // NVD: CVE-2010-2730

CREDITS

Travis Raybold of Rubicon West

Trust: 0.9

sources: BID: 43138 // CNNVD: CNNVD-201009-133

SOURCES

db:	VULMON	id:	CVE-2010-2730
db:	BID	id:	43138
db:	JVNDB	id:	JVNDB-2010-002097
db:	PACKETSTORM	id:	93826
db:	PACKETSTORM	id:	93868
db:	CNNVD	id:	CNNVD-201009-133
db:	NVD	id:	CVE-2010-2730

LAST UPDATE DATE

2024-11-23T21:47:15.253000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2010-2730	date:	2021-02-05T00:00:00
db:	BID	id:	43138	date:	2010-10-25T15:38:00
db:	JVNDB	id:	JVNDB-2010-002097	date:	2010-10-05T00:00:00
db:	CNNVD	id:	CNNVD-201009-133	date:	2021-02-07T00:00:00
db:	NVD	id:	CVE-2010-2730	date:	2024-11-21T01:17:16.393

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2010-2730	date:	2010-09-15T00:00:00
db:	BID	id:	43138	date:	2010-09-14T00:00:00
db:	JVNDB	id:	JVNDB-2010-002097	date:	2010-10-05T00:00:00
db:	PACKETSTORM	id:	93826	date:	2010-09-14T14:58:49
db:	PACKETSTORM	id:	93868	date:	2010-09-15T03:00:39
db:	CNNVD	id:	CNNVD-201009-133	date:	2010-09-17T00:00:00
db:	NVD	id:	CVE-2010-2730	date:	2010-09-15T19:00:19.180