TITLE:
Microsoft Windows HTTP Services Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA34677

WHERE:
From remote

VERIFY ADVISORY:
http://secunia.com/advisories/34677/

DESCRIPTION:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to conduct spoofing attacks or compromise a user's system.

1) An integer underflow error in Windows HTTP Services can be exploited to execute arbitrary code via a specially crafted parameter returned by a malicious web server.

2) An error in Windows HTTP Services while validating the distinguished name of a certificate can be exploited to spoof a valid certificate. Successful exploitation requires the ability to perform DNS spoofing attacks.

3) An error in Windows HTTP Services can be exploited to reflect NTLM credentials and execute arbitrary code by tricking a user into connecting to a malicious web server.

SOLUTION:
Apply patches.

Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=39d5468e-5733-4c3e-9e75-3adac8ac8cb9

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=35af4151-1858-4c9a-85e4-9ff45feca1a4

Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=49b16f0f-f6c3-4ca8-8041-392f4f7b5bbb

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=42509f5a-d0f9-444a-9445-5eabdb555011

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=7373ea32-bc2e-49f1-8b9f-4eeda5acc74c

Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=05e33cc5-cff6-4c71-be71-285f66a95e01

Windows Vista (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=f071d770-3b6b-4040-9911-d4de8cde4c68

Windows Vista x64 Edition (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=7ceef2d0-f316-48d1-aecc-d74f91cc5e1f

Windows Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=4c36548f-c8c9-4318-91e2-9e0501339548

Windows Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1c3f0997-a8a9-4340-ae0c-2c4d6792c65c

Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=0885b3b0-b78e-4980-902d-dff3886bcaac

ORIGINAL ADVISORY:
MS09-013 (KB960803):
http://www.microsoft.com/technet/security/bulletin/ms09-013.mspx