HOME > VULNERABILITY NOTES


   VULNERABILITY NOTE

 

CERT-In Vulnerability Note CIVN-2008-190
Microsoft Office SharePoint Server Security Bypass Vulnerability

Original Issue Date:December 11, 2008

Severity Rating: Medium

Systems Affected

  • Microsoft Office SharePoint Server 2007 (32-bit editions)
  • Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions)
  • Microsoft Office SharePoint Server 2007 (64-bit editions)
  • Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions)
  • Microsoft Search Server 2008 (32-bit editions)
  • Microsoft Search Server 2008 (64-bit editions)
  • Microsoft Search Server 2008 Express (32-bit)
  • Microsoft Search Server 2008 Express (64-bit)

Overview

An elevation of privilege vulnerability has been reported in Microsoft Office SharePoint Server. Successful exploitation of this vulnerability could allow an attacker to bypass authentication by browsing to an administrative URL on a SharePoint site and result in either denial of service or information disclosure.

Description

 Microsoft SharePoint Server includes browser-based collaboration and a document-management platform. It can be used to host web sites that access shared workspaces and documents, as well as specialized applications like wikis and blogs from a browser.

An elevation of privilege vulnerability has been reported in Microsoft Office SharePoint Server which is caused due to incorrect handling of access control on a subset of administrative functions that could allow an unauthenticated user to browse to a section of the SharePoint server intended to perform a subset of administrative functions.

An attacker who exploited this vulnerability successfully could cause denial of service by executing commands that would cause load on the server or gain sensitive information from the Microsoft Office SharePoint Services, such as internal path names and users' email addresses, and create scripts that would run in the context of the site.

Workaround

  • Block malicious HTTP requests using a firewall

Solution

Apply appropriate updates as mentioned in the Microsoft Security Bulletin MS08-077

Vendor Information

Microsoft
http://www.microsoft.com/technet/security/Bulletin/ms08-077.mspx

References

 Secunia
http://secunia.com/advisories/33063/

Security Tracker
http://www.securitytracker.com/alerts/2008/Dec/1021367.html

SecurityFocus
http://www.securityfocus.com/bid/32638

Cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=17184

VUPEN
http://www.vupen.com/english/advisories/2008/3389

CVE Name
CVE-2008-4032

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003