Windows Print Spooler Access Permission Flaw Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1024435 |
|
SecurityTracker URL: http://securitytracker.com/id/1024435
|
|
CVE Reference:
CVE-2010-2729
(Links to External Site)
|
Date: Sep 14 2010
|
Impact:
Execution of arbitrary code via network, Modification of system information, Root access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7, 2008 R2; and prior service packs
|
Description:
A vulnerability was reported in Windows Print Spooler. A remote user can execute arbitrary code on the target system.
The Windows Print Spooler does not properly restrict access to print spoolers. A remote user can send specially crafted data to the print spooler via RPC to cause the spooler to create a file in a Windows system directory. This can be exploited to execute arbitrary code on the target system with System privileges.
Code execution is possible on Windows XP systems.
Sergey Golovanov, Alexander Gostev, Maxim Golovkin, and Alexey Monastyrsky of Kaspersky Lab, Vitaly Kiktenko and Alexander Saprykin of Design and Test Lab, and Liam O Morchu of Symantec reported this vulnerability.
|
Impact:
A remote user can execute arbitrary code on the target system.
|
Solution:
The vendor has issued the following fixes:
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=93FABA6B-0A85-4ACC-B527-A012BBF56B13
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=9F7F3737-056D-44BD-B644-51093B5B501B
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=3D79680B-C071-462F-9CEA-551FBD42EDF0
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=073B3305-4A81-4EF8-B6AA-E53B31A936B4
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=CA35A520-C4DA-41BB-ABCC-D5BC534FF19A
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=028977FD-0F39-42D4-9FEE-0D90A2931CFD
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=C68B9337-883D-4E98-BA0A-90B5CAD46184
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=E2E788DE-8400-4BF6-B96B-A915154AA20A
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=E08D4F49-5A13-4E1D-B0A7-27B314C2EDB5
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=098537D5-BF6E-4E04-AD33-1CDE697E062F
Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=34619E9E-1F00-40E4-BE6F-5BBF5E3C801B
Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=DBB747A5-658D-44CF-BD49-425D1700157F
Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=11E20088-1BE2-4166-9C97-234B7E9F1C4F
Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=D8C635F8-8978-44BF-B457-E07368F08EF4
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms10-061.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms10-061.mspx (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 14 Sep 2010 17:33:14 +0000
Subject: http://www.microsoft.com/technet/security/bulletin/ms10-061.mspx
|
Microsoft Security Bulletin MS10-061 - Critical: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
CVE-2010-2729
|
|
