[SECURITY-L] CAIS-Alerta: Vulnerabilidades no Microsoft SQL (MS08-040)
CSIRT - UNICAMP
security em unicamp.br
Sex Jul 11 16:06:26 -03 2008
----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----
From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Vulnerabilidades no Microsoft SQL (MS08-040)
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Thu, 10 Jul 2008 16:16:48 -0300 (BRT)
-----BEGIN PGP SIGNED MESSAGE-----
Prezados,
O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-040 -
Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege
(941203)", que trata de quatro vulnerabilidades identificadas no Microsoft
SQL.
A vulnerabilidade mais critica pode permitir a um atacante o controle
completo do sistema atacado. As vulnerabilidades estao relacionadas com a
forma gerenciamento de memoria virtual (swap) do SQL, com a funcao de
conversao do SQL, uma falha na rotina de processo de backup da base e uma
falha no SQL quer pode permitir o buffer overflow e consequente escalacao
de privilegios do atacante.
Sistemas afetados:
. SQL Server 7.0 Service Pack 4
. SQL Server 2000 Service Pack 4
. SQL Server 2000 Itanium-based Edition Service Pack 4
. SQL Server 2005 Service Pack 2
. SQL Server 2005 x64 Edition Service Pack 2
. SQL Server 2005 com SP2 para sistemas baseados em Itanium
. Microsoft Data Engine (MSDE) 1.0 Service Pack 4
. Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) Service Pack 4
. Microsoft SQL Server 2005 Express Edition Service Pack 2
. Microsoft SQL Server 2005 Express Edition com Advanced Services Service Pack 2
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Microsoft
Windows 2000 Service Pack 4
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Windows
Server 2003 Service Pack 1 e Windows Server 2003 Service Pack 2
. Windows Internal Database (WYukon) Service Pack 2 componente do Windows
Server 2003 Service Pack 1 e Windows Server 2003 Service Pack 2
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Windows
Server 2003 x64 Edition e Windows Server 2003 x64 Edition Service Pack 2
. Windows Internal Database (WYukon) x64 Edition Service Pack 2 componente
do Windows Server 2003 x64 Edition e Windows Server 2003 x64 Edition
Service Pack 2
. Windows Internal Database (WYukon) Service Pack 2 componente do Windows
Server 2008 for 32-bit Systems
. Windows Internal Database (WYukon) x64 Edition Service Pack 2 componente
do Windows Server 2008 for x64-based Systems
Correcoes disponiveis:
Recomenda-se fazer a atualizacao para as versoes disponiveis em:
. SQL Server 7.0 Service Pack 4
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=C95B2CB3-51A4-44E4-B9F4-9416E9CE16A0
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=C95B2CB3-51A4-44E4-B9F4-9416E9CE16A0
. SQL Server 2000 Service Pack 4
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4FD1F86A-94A2-43D8-9B0A-774C81426D9E
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=8316BC5E-8C2D-4710-8ACC-B815CCC81CD4
. SQL Server 2000 Itanium-based Edition Service Pack 4
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4FD1F86A-94A2-43D8-9B0A-774C81426D9E
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=8316BC5E-8C2D-4710-8ACC-B815CCC81CD4
. SQL Server 2005 Service Pack 2
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4C9851CC-2C4C-4190-872C-84993A7623B7
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=A60BB7E7-EF4E-4CBD-B63A-0AD7BD1402B3
. SQL Server 2005 x64 Edition Service Pack 2
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4C9851CC-2C4C-4190-872C-84993A7623B7
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=A60BB7E7-EF4E-4CBD-B63A-0AD7BD1402B3
. SQL Server 2005 com SP2 para sistemas baseados em Itanium
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4C9851CC-2C4C-4190-872C-84993A7623B7
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=A60BB7E7-EF4E-4CBD-B63A-0AD7BD1402B3
. Microsoft Data Engine (MSDE) 1.0 Service Pack 4
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=C95B2CB3-51A4-44E4-B9F4-9416E9CE16A0
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=C95B2CB3-51A4-44E4-B9F4-9416E9CE16A0
. Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) Service Pack 4
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4FD1F86A-94A2-43D8-9B0A-774C81426D9E
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=8316BC5E-8C2D-4710-8ACC-B815CCC81CD4
. Microsoft SQL Server 2005 Express Edition Service Pack 2
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4C9851CC-2C4C-4190-872C-84993A7623B7
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=A60BB7E7-EF4E-4CBD-B63A-0AD7BD1402B3
. Microsoft SQL Server 2005 Express Edition com Advanced Services Service Pack 2
GDR
http://www.microsoft.com/downloads/details.aspx?familyid=4C9851CC-2C4C-4190-872C-84993A7623B7
QFE
http://www.microsoft.com/downloads/details.aspx?familyid=A60BB7E7-EF4E-4CBD-B63A-0AD7BD1402B3
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Microsoft
Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=1c0ae18b-1f17-44b3-a337-b36e7de437a7
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Windows
Server 2003 Service Pack 1 e Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=1c0ae18b-1f17-44b3-a337-b36e7de437a7
. Windows Internal Database (WYukon) Service Pack 2 componente do Windows
Server 2003 Service Pack 1 e Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=48f6aaa5-49fc-4a16-bc34-8514e214b8cf
. Microsoft SQL Server 2000 Desktop Engine (WMSDE) componente do Windows
Server 2003 x64 Edition e Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=1c0ae18b-1f17-44b3-a337-b36e7de437a7
. Windows Internal Database (WYukon) x64 Edition Service Pack 2 componente
do Windows Server 2003 x64 Edition e Windows Server 2003 x64 Edition
Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=48f6aaa5-49fc-4a16-bc34-8514e214b8cf
. Windows Internal Database (WYukon) Service Pack 2 componente do Windows
Server 2008 for 32-bit Systems
http://www.microsoft.com/downloads/details.aspx?familyid=48f6aaa5-49fc-4a16-bc34-8514e214b8cf
. Windows Internal Database (WYukon) x64 Edition Service Pack 2 componente
do Windows Server 2008 for x64-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=48f6aaa5-49fc-4a16-bc34-8514e214b8cf
Mais informacoes:
. MS08-040 - Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
http://www.microsoft.com/technet/security/Bulletin/MS08-040.mspx
. SANS ISC Handler's Diary 2008-07-08: July 2008 black tuesday overview
http://isc.sans.org/diary.html?storyid=4684
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
http://safety.live.com/site/pt-BR/default.htm
Identificador CVE (http://cve.mitre.org): CVE-2008-0085, CVE-2008-0086,
CVE-2008-0107, CVE-2008-0106
O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.
Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml
Atenciosamente,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais em cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iQCVAwUBSHZgJekli63F4U8VAQGNCgP9HLfLoQ7J9ruo7K4DwPMIwvcQxBg9wiYI
KLZom+vuWdJw07mXUbjCZEGT/OOchyEQzsi2FSOnl6kSXrTpGPN3ItoATCLFnQDm
R3voHUDsGL0WHGlnG7aamz8epUCzU5qZAe0D7zynzlGe+CQWmuw2HgxvI1MljCmb
CgRU4NCMrwg=
=5N6V
-----END PGP SIGNATURE-----
--
Para SAIR da lista rnp-alerta envie uma mensagem em branco para:
<rnp-alerta-unsubscribe em cais.rnp.br>
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L