=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2011/VULN096
_____________________________________________________________________

DATE                      : 09/02/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows XP, Windows Server 2003.

======================================================================
KB2478960
http://www.microsoft.com/technet/security/Bulletin/MS11-014.mspx
______________________________________________________________________

Microsoft Security Bulletin MS11-014 - Important
Vulnerability in Local Security Authority Subsystem Service Could Allow Local
Elevation of Privilege (2478960)

Published: February 08, 2011

Version: 1.0

General Information

Executive Summary

This security update resolves a privately reported vulnerability in the Local
Security Authority Subsystem Service (LSASS) in Windows XP and Windows Server
2003. This security update is rated Important for all supported editions of
these operating systems. For more information, see the subsection, Affected
and Non-Affected Software, in this section.

The vulnerability could allow elevation of privilege if an attacker logs on to
a system and runs a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit this vulnerability.
The vulnerability could not be exploited remotely or by anonymous users.

The security update addresses the vulnerability by correcting the manner in
which LSASS handles specific values used in the authentication process.

Affected Software

Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems

Vulnerability Information

LSASS Length Validation Vulnerability - CVE-2011-0039

An elevation of privilege vulnerability exists in the way that the Microsoft
Windows Local Security Authority Subsystem Service (LSASS) processes specially
crafted authentication requests. The vulnerability could allow an attacker to
run code with elevated privileges. An attacker who successfully exploited this
vulnerability could take complete control of an affected system. An attacker
could then install programs; view, change, or delete data; or create new accounts
with full administrative rights.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================