| Field | Value |
|---|---|
| VID | 26063 |
| Severity | 30 |
| Port | 139,445 |
| Protocol | TCP |
| Class | SMB |

Detailed Description:

The hotfix (Q323172) for the 'Digital Certificate Destruction Vulnerability due to a flaw in Certificate Enrollment Control' has not been applied. Microsoft Certificate Enrollment Control is an ActiveX control included with all versions of Windows that users use to request digital certificates. By design, the control should be able to install new certificates, but should never be able to access certificates that are already on the user's system. However, this restriction could be bypassed through an extremely complex process, due to a flaw in the Windows Certificate Enrollment Control. By creating a malicious web page, and then hosting it on a web site or sending the page as an HTML mail, a remote attacker can delete specified digital certificates from the target system when the page is viewed. This would result in a denial of service against certain functions and services on the target system.

* Note: This check requires an account with Guest or higher privileges which can access the registry of the remote host being scanned. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.
* References: http://www.microsoft.com/technet/security/bulletin/MS02-048.asp
* Platforms Affected: Windows 98, Windows 98 Second Edition, Windows Me, Windows NT 4.0 SP 6a and earlier, Windows 2000 SP3 and earlier, Windows XP

Recommendation:

Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS02-048 at http://www.microsoft.com/technet/security/bulletin/MS02-048.asp

1. Open the download page for your platform:
   - For Microsoft Windows 98: http://www.microsoft.com/windows98/downloads/contents/WUCritical/q323172/default.asp
   - For Microsoft Windows 98 Second Edition: http://www.microsoft.com/windows98/downloads/contents/WUCritical/q323172/default.asp
   - For Microsoft Windows Me: http://download.microsoft.com/download/WINME/PATCH/24421/WINME/EN-US/323172USAM.EXE
   - For Microsoft Windows NT 4.0: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41747
   - For Microsoft Windows NT 4.0, Terminal Server Edition: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41361
   - For Microsoft Windows 2000: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41568
   - For Microsoft Windows XP: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41598
   - For Microsoft Windows XP 64-bit Edition: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41594
2. Select a different language from the drop-down list, if needed, and click the `<Go>` button.
3. Click the `<Download>` button to download the patch file.
4. Run this file to install the patch.
5. Restart your system to complete the installation.

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects which version of Windows you are running and offers the appropriate patch.

References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0699
- http://www.securityfocus.com/bid/5593
- http://xforce.iss.net/xforce/xfdb/9982

| Field | Value |
|---|---|
| Related URL | CVE-2002-0699 (CVE) |
| Related URL | 5593 (SecurityFocus) |
| Related URL | 9982 (ISS) |