MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

Certain identity validation methods may be bypassed, allowing
impersonation.

Description :

The remote Windows host contains a version of the Microsoft Windows
CryptoAPI that is affected by multiple vulnerabilities :

- A spoofing vulnerability exists in the Microsoft Windows
CryptoAPI component when parsing ASN.1 information from
X.509 certificates. An attacker who successfully
exploited this vulnerability could impersonate another
user or system. (CVE-2009-2510)

- A spoofing vulnerability exists in the Microsoft Windows
CryptoAPI component when parsing ASN.1 object
identifiers from X.509 certificates. An attacker who
successfully exploited this vulnerability could
impersonate another user or system. (CVE-2009-2511)

See also :

http://technet.microsoft.com/en-us/security/bulletin/MS09-056

Solution :

Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista, 2008 and Windows 7.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 42112

Bugtraq ID: 36475, 36577

CVE ID: CVE-2009-2510, CVE-2009-2511