CERT RENATER Advisories

Date: Wed, 15 Oct 2014 17:24:21 +0200
Type: VULN
Subject: CERT-Renater : 2014/VULN217 (Microsoft : Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution)
====================================================================
                           CERT-Renater

               Information Note No. 2014/VULN217
_____________________________________________________________________

DATE                : 15/10/2014

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows Vista, Server 2003, Server 2008,
                      7, 8, 8.1, Server 2012, RT.

======================================================================
https://technet.microsoft.com/library/security/ms14-057
______________________________________________________________________

MS14-057 Vulnerabilities in .NET Framework Could Allow Remote Code Execution

Published Date: October 14, 2014

Version: 1.0


General Information

Executive Summary

This security update resolves three privately reported vulnerabilities
in Microsoft .NET Framework. The most severe of the vulnerabilities
could allow remote code execution if an attacker sends a specially
crafted URI request containing international characters to a .NET web
application. In .NET 4.0 applications, the vulnerable functionality
(iriParsing) is disabled by default; for the vulnerability to be
exploitable an application has to explicitly enable this functionality.
In .NET 4.5 applications, iriParsing is enabled by default and cannot
be disabled.
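
The iriParsing conditions described above can be checked per application configuration file when prioritizing hosts for this update. The PowerShell below is an added example, not part of the advisory or of Microsoft's bulletin; the function name Get-IriParsingExposure, the constructed sample configurations, and the use of the declared ASP.NET targetFramework attribute to identify the application's framework version are assumptions.

```powershell
# Added example: classify a .NET configuration file against the MS14-057 iriParsing conditions.
function Get-IriParsingExposure {
    param([Parameter(Mandatory = $true)][string]$ConfigXml, [string]$Name = '(inline)')

    $doc = [xml]$ConfigXml
    # <uri><iriParsing enabled="true|false" /></uri> is the System.Uri configuration section.
    $iri = $doc.SelectSingleNode('/configuration/uri/iriParsing/@enabled')
    $explicit = ($null -ne $iri) -and ($iri.Value -eq 'true')

    # Assumption: the declared targetFramework (httpRuntime first, then compilation)
    # identifies which framework version the application runs as.
    $tf = $doc.SelectSingleNode('/configuration/system.web/httpRuntime/@targetFramework')
    if ($null -eq $tf) { $tf = $doc.SelectSingleNode('/configuration/system.web/compilation/@targetFramework') }
    $target = if ($null -ne $tf) { $tf.Value } else { 'unknown' }

    $status = if ($target -like '4.5*') {
        'iriParsing always on (4.5), cannot be disabled: apply MS14-057'
    } elseif ($explicit) {
        'iriParsing explicitly enabled: apply MS14-057 first'
    } elseif ($target -like '4.0*') {
        'iriParsing off by default (4.0) and not enabled in this file'
    } else {
        'not covered by the 4.0/4.5 statements: review manually'
    }
    [pscustomobject]@{ Name = $Name; TargetFramework = $target; IriParsingEnabled = $explicit; Status = $status }
}

# Constructed sample configurations (not taken from any real system).
$optIn40 = @'
<configuration>
  <uri><iriParsing enabled="true" /></uri>
  <system.web><compilation targetFramework="4.0" /></system.web>
</configuration>
'@
$default40 = @'
<configuration>
  <system.web><compilation targetFramework="4.0" /></system.web>
</configuration>
'@
$app45 = @'
<configuration>
  <system.web><httpRuntime targetFramework="4.5" /></system.web>
</configuration>
'@

@(
    Get-IriParsingExposure -ConfigXml $optIn40   -Name 'optin-4.0'
    Get-IriParsingExposure -ConfigXml $default40 -Name 'default-4.0'
    Get-IriParsingExposure -ConfigXml $app45     -Name 'app-4.5'
) | Format-Table -AutoSize
```

To run it against real files, pass the output of `Get-Content -Raw` for each web.config or app.config; a setting inherited from machine.config is not visible in the per-application file and has to be checked separately.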

This security update is rated Critical for Microsoft .NET Framework 2.0
Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework
3.5.1, Microsoft .NET Framework 4, and Microsoft .NET Framework
4.5/4.5.1/4.5.2 on affected releases of Microsoft Windows.


Affected Software

Operating System

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition Service Pack 2

Windows Server 2003 with SP2 for Itanium-based Systems

Windows Vista Service Pack 2

Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for Itanium-based Systems Service Pack 2

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Windows 8 for 32-bit Systems

Windows 8 for x64-based Systems

Windows 8.1 for 32-bit Systems

Windows 8.1 for x64-based Systems

Windows Server 2012

Windows Server 2012 R2

Windows RT

Windows RT 8.1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation)

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2 (Server Core installation)

Vulnerability Information

.NET ClickOnce Elevation of Privilege Vulnerability - CVE-2014-4073

An elevation of privilege vulnerability exists in Microsoft .NET
Framework that could allow an attacker to elevate privileges on the
targeted system.

To view this vulnerability as a standard entry in the Common
Vulnerabilities and Exposures list, see CVE-2014-4073.

.NET Framework Remote Code Execution Vulnerability - CVE-2014-4121

A remote code execution vulnerability exists in the way that Microsoft
.NET Framework improperly parses internationalized resource
identifiers. An attacker who successfully exploited this vulnerability
could take complete control of an affected system. An attacker could
then install programs; view, change, or delete data; or create new
accounts with full user rights. Users whose accounts are configured to
have fewer user rights on the system could be less impacted than users
who operate with administrative user rights.

To view this vulnerability as a standard entry in the Common
Vulnerabilities and Exposures list, see CVE-2014-4121.

.NET ASLR Vulnerability - CVE-2014-4122

A security feature bypass vulnerability exists in Microsoft .NET
Framework that could allow an attacker to bypass the Address Space
Layout Randomization (ASLR) security feature, which helps protect users
from a broad class of vulnerabilities. The security feature bypass by
itself does not allow arbitrary code execution. However, an attacker
could use this ASLR bypass vulnerability in conjunction with another
vulnerability, such as a remote code execution vulnerability, that
could take advantage of the ASLR bypass to run arbitrary code.

To view this vulnerability as a standard entry in the Common
Vulnerabilities and Exposures list, see CVE-2014-4122.


=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================
