Microsoft patches two critical vulnerabilities in the Windows:
- Directory traversal attack CVE-2015-0016 (vulnerability exists in the TS WebProxy Windows component)
- Buffer Overflow Vulnerability CVE-2015-0014 (A buffer overflow vulnerability exists in Windows Telnet service)
Bypass security restrictions in Microsoft Windows (Directory traversal attack)
Danger level: High
The presence of fixes: Yes
The number of vulnerabilities: 1
CVSSv2 rating: (AV: N / AC: L / Au: N / C: P / I: P / A: P / E: F / RL: O / RC: C) = Base: 7.5 / Temporal: 6.2
CVE ID: CVE-2015-0016
Vector of operation: Remote
Impact: Security Bypass (Elevation of Privilege), Directory traversal attack
Exploit Availability: Yes
Affected Products:Microsoft Windows 7, Windows 8, Windows 8.1, Windows RT 8.1, Windows RT, Windows Server 2008, Windows Server 2012, Windows Vista
Affected versions: Microsoft Windows 7, 8, 8.1, RT, RT 8.1, Server 2008, Server 2012, Vista
Description:
The vulnerability allows a remote user to bypass certain security restrictions (Could Allow Elevation of Privilege).
[CVE-2015-0016] – The vulnerability is caused due to an error when processing characters of a directory traversal (or path traversal) in component TS WebProxy Windows. This can be exploited to obtain elevated privileges.
Note: The vulnerability is actively exploited in the present moment.
System compromise in Microsoft Windows (Telnet Service Buffer Overflow Vulnerability)
Danger level: High
The presence of fixes: Yes
The number of vulnerabilities: 1
CVSSv2 rating: (AV: N / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: OF / RC: C) = Base: 9.3 / Temporal: 6.9
CVE ID: CVE-2015-0014
Vector of operation: Remote
Impact: System compromise, Remote Code Execution (Buffer Overflow)
Affected Products:
- Microsoft Windows Server 2003 (Web Edition, Standard Edition, Enterprise Edition, Datacenter Edition)
- Microsoft Windows Vista, Windows 7
- Microsoft Windows Server 2008, Server 2008 R2
- Microsoft Windows Server 2012, Server 2012 R2
- Microsoft Windows 8.1, 8
Affected versions:
- Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2
- Microsoft Windows Vista, 7, 8, 8.1
Description:
The vulnerability allows a remote user to compromise a system (could then run arbitrary code on the server).
[CVE-2015-0014] – The vulnerability is caused due to an error in the validation of input data in Telnet. This can be exploited via a specially crafted packet to cause a buffer overflow and execute arbitrary code on the target system.
Solution: Install the hotfix from the manufacturer.
References:
https://technet.microsoft.com/en-us/library/security/ms15-004.aspx
https://technet.microsoft.com/library/security/MS15-002
Manufacturer URL: https://windows.com