Vulnerabilities 2015: High risk vulnerabilities in the Microsoft Windows

Posted: January 14, 2015 in Vulnerabilities
Tags: , , , , ,

dangerous flaw in windowsMicrosoft patches two critical vulnerabilities in the Windows:

  • Directory traversal attack CVE-2015-0016 (vulnerability exists in the TS WebProxy Windows component)
  • Buffer Overflow Vulnerability CVE-2015-0014 (A buffer overflow vulnerability exists in Windows Telnet service)

Bypass security restrictions in Microsoft Windows (Directory traversal attack)

Danger level: High
The presence of fixes: Yes
The number of vulnerabilities: 1

CVSSv2 rating: (AV: N / AC: L / Au: N / C: P / I: P / A: P / E: F / RL: O / RC: C) = Base: 7.5 / Temporal: 6.2
CVE ID: CVE-2015-0016

Vector of operation: Remote
Impact: Security Bypass (Elevation of Privilege), Directory traversal attack
Exploit Availability: Yes

Affected Products:Microsoft Windows 7, Windows 8, Windows 8.1, Windows RT 8.1, Windows RT, Windows Server 2008, Windows Server 2012, Windows Vista
Affected versions: Microsoft Windows 7, 8, 8.1, RT, RT 8.1, Server 2008, Server 2012, Vista

Description:
The vulnerability allows a remote user to bypass certain security restrictions (Could Allow Elevation of Privilege).

[CVE-2015-0016] – The vulnerability is caused due to an error when processing characters of a directory traversal (or path traversal) in component TS WebProxy Windows. This can be exploited to obtain elevated privileges.

Note: The vulnerability is actively exploited in the present moment.

System compromise in Microsoft Windows (Telnet Service Buffer Overflow Vulnerability)

Danger level: High
The presence of fixes: Yes
The number of vulnerabilities: 1

CVSSv2 rating: (AV: N / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: OF / RC: C) = Base: 9.3 / Temporal: 6.9
CVE ID: CVE-2015-0014
Vector of operation: Remote
Impact: System compromise, Remote Code Execution (Buffer Overflow)

Affected Products:

  • Microsoft Windows Server 2003 (Web Edition, Standard Edition, Enterprise Edition, Datacenter Edition)
  • Microsoft Windows Vista, Windows 7
  • Microsoft Windows Server 2008, Server 2008 R2
  • Microsoft Windows Server 2012, Server 2012 R2
  • Microsoft Windows 8.1, 8

Affected versions:

  • Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2
  • Microsoft Windows Vista, 7, 8, 8.1

Description:
The vulnerability allows a remote user to compromise a system (could then run arbitrary code on the server).

[CVE-2015-0014] – The vulnerability is caused due to an error in the validation of input data in Telnet. This can be exploited via a specially crafted packet to cause a buffer overflow and execute arbitrary code on the target system.

Solution: Install the hotfix from the manufacturer.

References:
https://technet.microsoft.com/en-us/library/security/ms15-004.aspx
https://technet.microsoft.com/library/security/MS15-002


 

Microsoft LogoManufacturer URL: https://windows.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s