| VID |
26477 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS09-070, 971726) for 'Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution ' has not been applied.
Arbitrary code can be executed on the remote host through Microsoft Active Directory Federation Services.
The version of Microsoft Active Directory Federation Services (ADFS) installed on the remote host is affected by the following vulnerabilities :
- Insufficient session management validation in the single sign-on functionality of ADFS could allow a remote authenticated user to spoof the identity of another user. (CVE-2009-2508)
- Incorrect validation of request headers when a remote authenticated user connects to an ADFS-enabled web server could be leveraged to perform actions on the affected IIS server with the same rights as the Worker Process Identity (WPI), which by default is configured with Network Service account privileges. (CVE-2009-2509)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms09-070.mspx
* Platforms Affected:
Windows Server 2003 SP2 and x64
Windows Server 2008 and SP2(32 bit, x64) |
| Recommendation |
Apply the appropriate patch (971726)for your system, as listed in Microsoft Security Bulletin MS09-070 at http://www.microsoft.com/technet/security/Bulletin/MS09-070.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2009-3675 (CVE) |
| Related URL |
37218 (SecurityFocus) |
| Related URL |
(ISS) |
|
