Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15046
HistoryDec 12, 2009 - 12:00 a.m.

Microsoft Windows ADFS服务单次登录功能认证欺骗漏洞(MS09-070)

2009-12-1200:00:00
Root
www.seebug.org
18

0.001 Low

EPSS

Percentile

30.3%

JSON

BUGTRAQ ID: 37215
CVE ID: CVE-2009-2508

Microsoft Windows是微软发布的非常流行的操作系统。

Windows的ADFS服务没有充分地验证会话管理,如果攻击者能够访问目标用户近期所使用的用于访问提供单次登录站点的工作站和Web浏览器,就可能允许攻击者扮演为通过认证的用户。

攻击者必须可以访问终端上之前用户所使用的认证令牌才可以利用这个漏洞。在启用了HTTPS服务器的情况下,认证令牌在传输中是受保护的,攻击者必须能够访问受害者的计算机(如自助终端机)才可以利用这个漏洞。在自助终端机上,用户可能登录到ADFS SSO Web应用然后注销应用。之后攻击者可以使用该计算机以之前用户的身份访问Web应用,尽管该用户已经注销。

Microsoft Windows Server 2008 SP2
Microsoft Windows Server 2008
Microsoft Windows Server 2003 SP2
厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS09-070)以及相应补丁:
MS09-070:Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
链接:http://www.microsoft.com/technet/security/Bulletin/MS09-070.mspx?pf=true

Related

prion 1
cve 1
openvas 2
nessus 1
securityvulns 2
prion
prion
Design/Logic Flaw
2009-12-09 18:30:00
cve
cve
CVE-2009-2508
2009-12-09 18:30:00
openvas
openvas
Microsoft Windows ADFS Remote Code Execution Vulnerability (971726)
2009-12-09 00:00:00
Microsoft Windows ADFS Remote Code Execution Vulnerability (971726)
2009-12-09 00:00:00
nessus
nessus
MS09-070: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
2009-12-08 00:00:00
securityvulns
securityvulns
Microsoft Windows Active Directory Federation Service multiple security vulnerabilities
2009-12-09 00:00:00
Microsoft Security Bulletin MS09-070 - Important Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
2009-12-09 00:00:00

0.001 Low

EPSS

Percentile

30.3%

JSON
Related for SSV:15046
prion1cve1openvas2nessus1securityvulns2