CERTA-2005-AVI-302

Vulnerability from certfr_avis - Published: 2005-08-10 - Updated: 2005-08-10

None

Description

Une faille dans le module Plug and Play (PnP) de Microsoft Windows a été découverte. Elle permettrait à un utilisateur mal-intentionné de prendre le contrôle total du système vulnérable, à distance ou en local, par le biais d'une exécution de code malveillant.

Concernant Windows XP SP2 et Windows 2003, l'attaquant doit avant tout disposer d'un couple d'authentification valide et ne peut exploiter la vulnérabilité que localement.

Concernant Windows XP SP1, l'attaquant doit disposer d'un couple d'authentification valide.

Solution

Appliquer les correctifs de Microsoft.

None
Impacted products
Vendor Product Description
Microsoft Windows Microsoft Windows XP Professional x64 Edition ;
Microsoft Windows Microsoft Windows Server 2003 et Microsoft Windows Server 2003 Service Pack 1 pour les systèmes basés sur Itanium ;
Microsoft Windows Microsoft Windows Server 2003 et Microsoft Windows Server 2003 Service Pack 1 ;
Microsoft Windows Microsoft Windows XP Service Pack 1 et Service Pack 2 ;
Microsoft Windows Microsoft Windows Server 2003 x64 Edition.
Microsoft Windows Microsoft Windows 2000 Service Pack 4 ;
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows XP Professional x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 et Microsoft Windows Server 2003 Service Pack 1 pour les syst\u00e8mes bas\u00e9s sur Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 et Microsoft Windows Server 2003 Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne faille dans le module Plug and Play (PnP) de Microsoft Windows a \u00e9t\u00e9\nd\u00e9couverte. Elle permettrait \u00e0 un utilisateur mal-intentionn\u00e9 de prendre\nle contr\u00f4le total du syst\u00e8me vuln\u00e9rable, \u00e0 distance ou en local, par le\nbiais d\u0027une ex\u00e9cution de code malveillant.\n\n  \n\nConcernant Windows XP SP2 et Windows 2003, l\u0027attaquant doit avant tout\ndisposer d\u0027un couple d\u0027authentification valide et ne peut exploiter la\nvuln\u00e9rabilit\u00e9 que localement.\n\n  \n\nConcernant Windows XP SP1, l\u0027attaquant doit disposer d\u0027un couple\nd\u0027authentification valide.\n\n## Solution\n\nAppliquer les correctifs de Microsoft.\n",
  "cves": [],
  "initial_release_date": "2005-08-10T00:00:00",
  "last_revision_date": "2005-08-10T00:00:00",
  "links": [
    {
      "title": "Site de l\u0027\u00e9diteur :",
      "url": "http://www.microsoft.com"
    },
    {
      "title": "Bulletin Microsoft du 09 Ao\u00fbt 2005 :",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE-CAN :",
      "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1983"
    }
  ],
  "reference": "CERTA-2005-AVI-302",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation des privil\u00e8ges locaux"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans le module Plug and Play (PnP) de Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 de Microsoft MS05-39 du 09 Ao\u00fbt 2005",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.