TITLE:
Microsoft Windows RPC Mutual Authentication Vulnerability
SECUNIA ADVISORY ID:
SA20637
VERIFY ADVISORY:
http://secunia.com/advisories/20637/
CRITICAL:
Moderately critical
IMPACT:
Spoofing
WHERE:
From local network
OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to spoof a valid RPC server.
The vulnerability is caused due to an error within the handling of RPC mutual authentication. This can be exploited to cause custom RPC clients to incorrectly validate the identity of the RPC server, which potentially allows a malicious RPC server to impersonate a valid service.
Successful exploitation requires that RPC clients use SSL with the mutual authentication option enabled and that a user is, e.g., tricked into connecting to a malicious RPC server.
SOLUTION:
Apply patch.
Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5089d956-7d8d-4241-9ca2-107ce4f8c093
ORIGINAL ADVISORY:
MS06-031 (KB917736):
http://www.microsoft.com/technet/security/Bulletin/MS06-031.mspx