Select local site

F-Secure Vulnerability Information :
Microsoft Windows IIS IPP Service Integer Overflow Vulnerability
[Summary] | [Detailed Description] | [Solution] | [CVE Reference]

Report ID:SA32248
Source:Secunia
Date of Discovery:14.10.2008
Criticality:Urgent
Affects:

Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Compromise From:From remote
Compromise Type:System access
Summary

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system.
Back to the Top

Detailed Description

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to an integer overflow error within the IPP (Internet Printing Protocol) ISAPI extension for IIS when processing specially crafted IPP responses. This can be exploited to execute arbitrary code by tricking an affected web server into connecting to a malicious IPP server via a specially crafted HTTP "POST" request.

Successful exploitation requires that IPP is enabled in IIS.
Back to the Top

Solution

Apply patches.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=8163d1f6-feb5-4f39-8134-3ed42326b822

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=e7ef571f-c9e8-4e14-95a3-3eeaec55b784

Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=3ae4b913-bff0-4974-b198-828ca10d2a87

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=437a9b68-6a0c-48c8-9348-0d6fda48aa21

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=d3df6508-a568-449d-ac97-fbf3f97b98ef

Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=748f54f1-40b9-407c-9819-909061b53743

Windows Vista and Windows Vista SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9B5995DF-A3B8-4E81-B118-9BB057E19884

Windows Vista x64 Edition and Windows Vista x64 Edition SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4A0FCF4B-EB8E-456A-B934-400AE18248EE

Windows Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=3d6290d8-1745-4bc0-9ca9-eeb1ad0be4a5

Windows Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=a33c833c-d5c5-4e37-8f89-7b9079f92e59

Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=31783e88-76e2-4bc6-b4ae-308443c6d223
Back to the Top

CVE Reference
CVE-2008-1446
Back to the Top

F-Secure Corporation