Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2008-6339 to a friend New vulnerability? New tool? Tell us	CVE-2008-6339 Akamai Download Manager Arbitrary Program Execution Vulnerability     Credit: The information has been provided by iDefense Labs Security Advisories. The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=695 Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2008-6339 Details Check for CVE-2008-6339 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Akamai Technologies Inc's DownloadManagerV2.ocx version 2.2.2.1  * Akamai Technologies Inc's Download Manager Java Applet version 2.2.2.0 Immune Systems:  * Akamai Technologies Inc's DownloadManagerV2.ocx version 2.2.3.5  * Akamai Technologies Inc's Download Manager Java Applet version 2.2.3.5 The ActiveX control version has the following identifiers:   Class: DownloadManager Control   CLSID: 2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B   CLSID: FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1   ProgId: MANAGER.DLMCtrl.1.   File: C:\Windows\Downloaded Program Files\DownloadManagerV2.ocx The Java version has the following identifiers:   Class: com.akamai.dm.ui.applet.DMApplet.class   JAR: dlm-java-2.2.2.0.jar This problem specifically exists due to two undocumented object parameters. By using these parameters, it is possible to cause Download Manager to automatically download and execute arbitrary binaries from attacker controlled locations. Analysis: Exploitation allows an attacker to execute arbitrary code in the context of the user viewing a maliciously crafted web page. In order to exploit this vulnerability, an attacker would need to persuade, or otherwise force, a user to view a malicious web page. This is usually accomplished by getting the targeted user to click a link in a form of electronic communication such as e-mail or instant messaging. While the attack is happening, the Download Manager user interface is displayed. However, in a normal attack scenario there is insufficient time to cancel the download before exploitation occurs. Workaround: Setting kill-bits for the associated CLSIDs will prevent the ActiveX control from being loaded within Internet Explorer, thereby preventing exploitation. Disabling Java will prevent exploitation using the Java Applet version. Vendor response: Akamai has addressed this vulnerability with the release of version 2.2.3.5 of their Download Manager product. For more information, refer to their advisory. To download the updated version, visit the following URL. http://dlm.tools.akamai.com/tools/upgrade.html CVE Information: CVE-2008-6339 Disclosure Timeline: 12/06/2007 - Initial vendor notification 12/06/2007 - Initial vendor response 04/30/2008 - Public disclosure  Comments on CVE-2008-6339:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®