Alert GCSA-09040 - Vulnerabilita' in Active Directory (MS09-018)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-09040
Data : 10 giugno 2009
Titolo : Vulnerabilita' in Active Directory (MS09-018)
******************************************************************
:: Descrizione del problema
Il bolletino di sicurezza Microsoft MS09-018, considerato critico,
risolve due vulnerabilita' presenti in Active Directory che
potrebbero essere sfruttate da un attaccante remoto per causare
condizioni di denial of service e compromettere un sistema
vulnerabile.
:: Sistemi operativi interessati
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Professional
:: Impatto
Denial of Service
Compromissione del sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin MS09-018 - Critical
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
US-CERT - Technical Cyber Security Alert TA09-160A
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Secunia - Microsoft Windows Active Directory Two Vulnerabilities
http://secunia.com/advisories/35355/
Securityfocus
http://www.securityfocus.com/bid/35226
http://www.securityfocus.com/bid/35225
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1139
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSi/VfPOB+SpikaiRAQL7OwQAs9JR7fLj/2EJ98uVMzzZN6rNg5kr7JQU
oyxe6P9POu/+vRboplE6QYmdt27R7laT1Q1z+O5mctX96P0JJd5rfaQGe8MnIgxn
jLhe2HHRSoowO8/mnZX4bgBkiOp0xnFCKoFsn2GVNbY/mAae3F362cbPuLgWfh5z
NrBTDnaS5No=
=cQzJ
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-09040
Data : 10 giugno 2009
Titolo : Vulnerabilita' in Active Directory (MS09-018)
******************************************************************
:: Descrizione del problema
Il bolletino di sicurezza Microsoft MS09-018, considerato critico,
risolve due vulnerabilita' presenti in Active Directory che
potrebbero essere sfruttate da un attaccante remoto per causare
condizioni di denial of service e compromettere un sistema
vulnerabile.
:: Sistemi operativi interessati
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Professional
:: Impatto
Denial of Service
Compromissione del sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin MS09-018 - Critical
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
US-CERT - Technical Cyber Security Alert TA09-160A
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Secunia - Microsoft Windows Active Directory Two Vulnerabilities
http://secunia.com/advisories/35355/
Securityfocus
http://www.securityfocus.com/bid/35226
http://www.securityfocus.com/bid/35225
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1139
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSi/VfPOB+SpikaiRAQL7OwQAs9JR7fLj/2EJ98uVMzzZN6rNg5kr7JQU
oyxe6P9POu/+vRboplE6QYmdt27R7laT1Q1z+O5mctX96P0JJd5rfaQGe8MnIgxn
jLhe2HHRSoowO8/mnZX4bgBkiOp0xnFCKoFsn2GVNbY/mAae3F362cbPuLgWfh5z
NrBTDnaS5No=
=cQzJ
-----END PGP SIGNATURE-----