 |
 Microsoft Active Directory Federation Services Code Execution Vulnerability (MS09-070)
Industry Reference:CVE-2009-2509.
A remote code execution vulnerability has been discovered in implementations of Active Directory Federation Services (ADFS). Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Federation Services (ADFS) helps the client to use single sign-on by securely sharing digital identity and entitlement rights across security and enterprise boundaries. A remote attacker can exploit the vulnerability to take complete control of an affected system remotely. This protection detects and blocks specially crafted HTTP requests sent to the vulnerable server.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-251.
Microsoft Internet Authentication Service MS-CHAP Security Bypass (MS09-071)Industry Reference:CVE-2009-3677.
An elevation of privilege vulnerability has been reported in the Internet Authentication Service. Internet Authentication Service (IAS) is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy. As a RADIUS server, IAS performs centralized connection authentication, authorization, and accounting for many types of network access. A remote attacker may exploit this issue to gain access to network resources under the privileges of a specific authorized user. This protection detects and blocks malformed MS-CHAP v2 authentication requests to the vulnerable service.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-253.
Microsoft WordPad and Office Text Converter Memory Corruption Vulnerability (MS09-073)Industry Reference:CVE-2009-2506.
A remote code execution vulnerability has been reported in Microsoft WordPad and Office Word. WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 97 file format. A remote attacker can exploit this vulnerability via a specially crafted Word 97 document. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection will detect and block the transferring of malformed Word files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-259.
Microsoft Office Project Memory Validation Remote Code Execution Vulnerability (MS09-074)Industry Reference:CVE-2009-0102.
A remote code execution vulnerability has been identified in the way Microsoft Project handles specially crafted Project files. Microsoft Project is a project management software program designed to assist project managers to stay informed, keep project teams aligned, increase productivity and control project work, schedules, and finances. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Microsoft Office Project files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-261.
Novell eDirectory dhost HTTPSTK Buffer Overflow VulnerabilityA code execution vulnerability exists in Novell eDirectory. Novell eDirectory is a Lightweight Directory Access Protocol (LDAP) server, intended for use as part of an identity management solution. The vulnerability is due to an error in dhost when handling HTTP requests. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable system. Successful exploitation would allow for execution of arbitrary code.
IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A new protection is now available.
CPAI-2009-301.
|
December 15, 2009
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|