CERTA-2004-AVI-240

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans Microsoft Windows Task Scheduler permet à un utilisateur mal intentionné de réaliser un déni de service ou d'exécuter du code arbitraire à distance.

Description

Un débordement de pile est présent dans la verification du nom de l'application à exécuter dans le gestionnaire de tâches (task scheduler Mstask.dll). Un utilisateur mal intentionné peut, via l'utilisation d'un email, d'un fichier ayant l'extension .JOB ou d'un site Internet malicieusement construit, réaliser un déni de service ou exécuter du code arbitraire sur la plate-forme vulnérable.

La vulnérabilité n'est exploitable que si la victime est administrateur du système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None
Impacted products
Vendor Product Description
Microsoft Windows Microsoft Windows 2000 Professional ;
Microsoft Windows Microsoft Windows XP Home Edition ;
Microsoft Windows Microsoft Windows XP Professional ;
Microsoft Windows Microsoft Windows 2000 Advanced Server ;
Microsoft Windows Microsoft Windows 2000 Server ;
Microsoft Windows Internet Explorer 6.0 Service Pack 1 installé sur Windows NT 4.0 SP6a.
Microsoft Windows Microsoft Windows 2000 Datacenter Server ;
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows 2000 Professional ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Home Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Advanced Server ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Server ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Internet Explorer 6.0 Service Pack 1 install\u00e9 sur Windows NT 4.0 SP6a.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Datacenter Server ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUn d\u00e9bordement de pile est pr\u00e9sent dans la verification du nom de\nl\u0027application \u00e0 ex\u00e9cuter dans le gestionnaire de t\u00e2ches (task scheduler\nMstask.dll). Un utilisateur mal intentionn\u00e9 peut, via l\u0027utilisation d\u0027un\nemail, d\u0027un fichier ayant l\u0027extension .JOB ou d\u0027un site Internet\nmalicieusement construit, r\u00e9aliser un d\u00e9ni de service ou ex\u00e9cuter du\ncode arbitraire sur la plate-forme vuln\u00e9rable.\n\nLa vuln\u00e9rabilit\u00e9 n\u0027est exploitable que si la victime est administrateur\ndu syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de l\u0027US-CERT VU#228028 du 13 juillet    2004 :",
      "url": "http://www.kb.cert.org/vuls/id/228028"
    }
  ],
  "reference": "CERTA-2004-AVI-240",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-07-15T00:00:00.000000"
    },
    {
      "description": "correction des syst\u00e8mes affect\u00e9s et ajout du risque.",
      "revision_date": "2004-07-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans Microsoft Windows Task Scheduler permet \u00e0 un\nutilisateur mal intentionn\u00e9 de r\u00e9aliser un d\u00e9ni de service ou d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Windows Task Scheduler",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS04-022",
      "url": "http://www.microsoft.com/technet/security/bulletin/ms04-022.mspx"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.