Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability note CVE-2009-2508 CVE-2009-2509

Windows: two vulnerabilities of ADFS

Synthesis of the vulnerability

An authenticated attacker can use two vulnerabilities of ADFS, in order to spoof the identity of a user, or to execute code.
Severity: 3/4.
Creation date: 09/12/2009.

Description of the vulnerability

The ADFS (Active Directory Federation Services) feature manages the SSO (Single Sign-On) authentication of users who access to several web services. ADFS can be enabled on the IIS web server, and is reachable with a web client implementing WS-* (SOAP, WSDL and UUDI). ADFS is impacted by two vulnerabilities.

An attacker, who gains access to the cache of victim's web browser, can read and then reuse ADFS data during 10 hours, even if the victim logged off the web site. The attacker can therefore access to a web service, under the identity of the victim. [severity:2/4; BID-37215, CVE-2009-2508, >]

A remote authenticated attacker can use an HTTP-ADFS query with a malicious header, in order to execute code on IIS. [severity:3/4; BID-37214, CVE-2009-2509, >]

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Windows: two vulnerabilities of ADFS.
Keywords: ADFS Active DFS Directory Federation HTTP-ADFS IIS SOAP SSO Services Sign-On Single UUDI WS- WSDL Windows vulnerabilities.
Identifiers: 971726, BID-37214, BID-37215, CVE-2009-2508, CVE-2009-2509, MS09-070, VIGILANCE-VUL-9244.

Information sources

Publications and announces
Source example: MS09-070 - Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)

Solutions for this vulnerability

Patch or workaround

Supplements

Vulnerability : Single Sign On Spoofing in ADFS Vulnerability - CVE-2009-2508

An attacker, who gains access to the cache of victim's web browser, can read and then reuse ADFS data during 10 hours, even if the victim logged off the web site. The attacker can therefore access to a web service, under the identity of the victim.
Severity: 2/4.
Identifiers: BID-37215, CVE-2009-2508.

Vulnerability : Remote Code Execution in ADFS Vulnerability - CVE-2009-2509

A remote authenticated attacker can use an HTTP-ADFS query with a malicious header, in order to execute code on IIS.
Severity: 3/4.
Identifiers: BID-37214, CVE-2009-2509.

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins



















France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française