Ravens PHP Scripts

Microsoft WebDAV Mini-Redirector Code Execution Vulnerability
Date: Tuesday, February 12, 2008 @ 17:34:19 PST
Topic: Security


SECUNIA ADVISORY ID: SA28894

VERIFY ADVISORY: http://secunia.com/advisories/28894/

CRITICAL: Highly critical

IMPACT: System access

OPERATING SYSTEM:
Microsoft Windows XP Home Edition http://secunia.com/product/16/
Microsoft Windows XP Professional http://secunia.com/product/22/
Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003 http://secunia.com/product/12399/
Microsoft Windows Vista http://secunia.com/product/13223/

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the WebDAV Mini-Redirector (a.k.a Web Client service) when handling long pathnames in WebDAV responses. This can be exploited to cause a heap-based buffer overflow via a specially crafted WebDAV response. Successful exploitation allows execution of arbitrary code.



SOLUTION: Apply patches.
Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=afeef3ec-6160-4c1d-94bd-0bfce641d0a2
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=15b7d1c4-4ef4-47b2-9e3b-22eafbdb90d8
Windows Server 2003 SP1 / SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=b7e725bf-7248-4119-aca5-b7d502c09cfc
Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=8af82f86-731c-46a0-a025-b62447e2af38
Windows Server 2003 with SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=bca224db-fe0e-411d-a948-1c776ce974f3
Windows Vista: http://www.microsoft.com/downloads/details.aspx?FamilyID=ba7a2b42-1c89-45e5-b8a6-049fa500c03a
Windows Vista x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyID=45962232-af78-42cb-bfa0-9ce7de199585

PROVIDED AND/OR DISCOVERED BY: The vendor credits Steven, COSEINC Vulnerability Research Lab.

ORIGINAL ADVISORY: MS08-007 (KB946026): http://www.microsoft.com/technet/security/Bulletin/MS08-007.mspx






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3237