
Vulnerability Bulletins


Multiple vulnerabilities in Windows Client/Server Run-time Subsystem (CSRSS)

Vulnerability classification

Property Value
Confidence level Official
Impact Privilege escalation
Difficulty Beginner
Required attacker level Remote access with an account

System information

Property Value
Affected manufacturer Microsoft
Affected software Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 / Itanium-based Systems
Microsoft Windows Server 2003 SP1 / Itanium-based Systems
Microsoft Windows Server 2003 with SP2 / Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Windows Vista
Windows Vista x64 Edition

Description

Multiple vulnerabilities have been discovered in the Windows Client/Server Run-time Subsystem (CSRSS). They are described below.

- CVE-2006-6696: A vulnerability has been discovered in Microsoft Windows 2000, XP, 2003 and Vista. It lies in an error that occurs when CSRSS invokes the "UserHardError()" and "GetHardErrorText()" functions of WINSRV.DLL. A local attacker could elevate privileges by calling the "MessageBox()" function with an MB_SERVICE_NOTIFICATION message with specially crafted content. A public exploit is available.

- CVE-2006-6697: A vulnerability has been discovered in the Client Server Run-Time Subsystem (CSRSS) of Microsoft Windows. A local attacker could cause a denial of service or read arbitrary memory from csrss.exe by means of a specially crafted argument to the "NtRaiseHardError()" function.

- CVE-2007-1209: A vulnerability has been discovered in the Client Server Run-time Subsystem (CSRSS) of Microsoft Windows Vista, which does not correctly handle resources when starting or stopping processes. A local attacker could elevate privileges by opening and closing multiple ApiPort connections.

Solution



Software update

Microsoft
Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=909e3b63-4d11-4fe6-849f-1ce960eb62cd
Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=69876449-25d1-41b4-b7c8-2b7fb40e59ee
Microsoft Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=91fd8716-c1a2-434e-bed0-df9d01e3d685
Microsoft Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=91fd8716-c1a2-434e-bed0-df9d01e3d685
Microsoft Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=4dac667d-b346-461e-8bb5-6112e946349f
Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=4dac667d-b346-461e-8bb5-6112e946349f
Microsoft Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=4dac667d-b346-461e-8bb5-6112e946349f
Microsoft Windows Server 2003 / Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?FamilyId=639de6c7-0928-469a-be68-60ea391fa770
Microsoft Windows Server 2003 SP1 / Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?FamilyId=639de6c7-0928-469a-be68-60ea391fa770
Microsoft Windows Server 2003 with SP2 / Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?FamilyId=639de6c7-0928-469a-be68-60ea391fa770
Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=69dbe4bc-05a5-450b-8c72-e431e800d4f3
Microsoft Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=69dbe4bc-05a5-450b-8c72-e431e800d4f3
Windows Vista
http://www.microsoft.com/downloads/details.aspx?FamilyId=3487b1f0-a383-41a4-a660-2768962b3bcd
Windows Vista x64 Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=c46f62e1-dddd-4886-a82b-ebec258a495b

Standard resources

Property Value
CVE CVE-2006-6696
CVE-2006-6697
CVE-2007-1209
BID 21688

Other resources

Microsoft Security Bulletin MS07-021
http://www.microsoft.com/technet/security/bulletin/ms07-021.mspx

Version history

Version Comments Date
1.0 Advisory issued 2007-04-12
Ministerio de Defensa
CNI
CCN
CCN-CERT