Posts

Microsoft MS15-034 (HTTP.sys DoS, Memory Disclosure and potential Remote Code Execution)

As mentioned in our post for Patch Tuesday April 2015, the MS15-034 has now work a working exploit which causes a DoS for unpatched Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2, if they’re running a service that’s using IIS (or any other service uding HTTP.sys) and have kernel caching turned on (which it is by default).

This DoS is extremely simple to cause (just a simple curl/wget), and will cause your server to have a BSOD.

Update: It seems like this issue also does information disclosure à la heartbleed. With small modifications to yesterdays published exploit one can disclose memory regions from a vulnerable server.
There has also been rumours that Exchange servers with autodiscovery turned on are vulnerable for DNS hijacking/corruption.

There are various ways to see if you are vulnerable, but they are not fool-proof and because of this it is extremely advised to just apply the patch.

It is just a matter of time now before a remote code execution exploit is released, which means someone would gain control of your server, so do not wait to patch your systems.

Cisco IOS Multiple DoS Vulnerabilities

Information regarding 7 DoS vulnerabilities for Cisco IOS was released yesterday by Cisco.
All of them are regarding DoS attacks, so it’s recommended to upgrade as soon as possible.

Cisco IOS Software Internet Key Exchange Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ike

Cisco IOS Software Smart Install Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall

Cisco IOS Software Zone-Based Policy Firewall Session Initiation
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce

Cisco IOS Software Network Address Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat

Cisco IOS Software Protocol Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt

Cisco IOS Software Resource Reservation Protocol Denial of Service
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp

Cisco IOS Software IP Service Level Agreement Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla