—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgende Warnung des Microsoft Product Security
Notification Service. Wir geben diese Informationen unveraendert an Sie
weiter.

CVE-2011-1977 – Schwachstelle in Microsoft Chart Controls

Microsoft Chart Controls im .NET Framework 4 behandelt nicht weiter
beschriebene Zeichen in URLs unsicher. Ein entfernter Angreifer kann
daher mittels praeparierter GET-Anfragen jegliche Dateien auf dem
Webserver lesen und somit an sensible Informationen gelangen.

Betroffen sind die folgenden Software Pakete und Plattformen:

Microsoft .NET Framework 4
Chart Control for Microsoft .NET Framework 3.5 Service Pack 1

Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 mit SP2 fuer Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 fuer 32-bit Systeme Service Pack 2
Windows Server 2008 fuer x64-based Systeme Service Pack 2
Windows Server 2008 fuer Itanium-based Systeme Service Pack 2
Windows 7 fuer 32-bit Systeme und Windows 7 fuer 32-bit Systeme
Service Pack 1
Windows 7 fuer x64-based Systeme und Windows 7 fuer x64-based Systeme
Service Pack 1
Windows Server 2008 R2 fuer x64-based Systeme und Windows Server 2008
R2 fuer x64-based Systeme Service Pack 1
Windows Server 2008 R2 fuer Itanium-based Systeme und Windows Server
2008 R2 fuer Itanium-based Systeme Service Pack 1

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
Matthias Braeck

– —
Matthias Braeck (Incident Response Team)

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

Automatische Warnmeldungen: https://www.cert.dfn.de/autowarn

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2011.0821
Vulnerability in Microsoft Chart Control Could Allow Information Disclosure
10 August 2011

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: Microsoft .NET Framework 4
Chart Control for Microsoft .NET Framework 3.5 Service Pack 1
Publisher: Microsoft
Operating System: Windows
Impact/Access: Access Privileged Data — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2011-1977

Original Bulletin:
http://www.microsoft.com/technet/security/bulletin/MS11-066.mspx

– – ————————–BEGIN INCLUDED TEXT——————–

Microsoft Security Bulletin MS11-066 – Important
Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
Published: August 09, 2011
Version: 1.0

General Information

Executive Summary

This security update resolves a privately reported vulnerability in
ASP.NET Chart controls. The vulnerability could allow information
disclosure if an attacker sent a specially crafted GET request to an
affected server hosting the Chart controls. Note that this
vulnerability would not allow an attacker to execute code or to elevate
the attacker’s user rights directly, but it could be used to retrieve
information that could be used to further compromise the affected
system. Only web applications using Microsoft Chart Control are
affected by this issue. Default installations of the .NET Framework are
not affected.

This security update is rated Important for Microsoft .NET Framework 4
on all supported releases of Microsoft Windows and for Chart Control
for Microsoft .NET Framework 3.5 Service Pack 1. For more information,
see the subsection, Affected and Non-Affected Software, in this
section.

Affected Software

Microsoft .NET Framework 4
Chart Control for Microsoft .NET Framework 3.5 Service Pack 1

Vulnerability Information

Chart Control Information Disclosure Vulnerability – CVE-2011-1977

An information disclosure vulnerability exists in the way that
Microsoft Chart controls incorrectly handle special characters within a
specially crafted URI. An attacker who successfully exploited this
vulnerability would be able to read the contents of any file within the
web site directory or subdirectories, such as web.config. The
web.config file often stores sensitive information. The consequences of
the disclosure of that information depend on the nature of the
information itself. Note that this vulnerability would not allow an
attacker to execute code or to elevate the attacker’s user rights
directly, but it could be used to produce information that could be
used to try to further compromise the affected system.

– – ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
– —–BEGIN PGP SIGNATURE—–
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBTkHQKO4yVqjM2NGpAQKGDhAAvcPMfEeYSG0oyRIbs96ycHdadzSgwbTH
wHsEUA1cdKMQXiB/Tk984BKSZ3cmu5ISKCMSkkPxYk4vqnus3VlwgMNpLn5FznbY
TP3oRUuM2SB5bqk2yqgCbju7tc0YhiMpAaMZeGsfXdILMIHEbP5KM2IRLShKQTzO
sdtJPxdFmuQ8guAIttHL2AiVXQo4zRxFMA84N/yOqrwXq0yME7+a/4AGbtN8bl0a
fqfRG67ezZctWUham3MS8YzZWjD+yZvxKDF95ypvCsNb76iUgZNq2Zyo54RmLK88
Eie7vJ8pinNdZ607eKMW8NRxdO7I5WKVe3SMo52h3ZoSaa7pFBnWEJYvwB4/CS64
8wva6/h587sjgszQY+OQhPbc7FPSqftCeiVZtf6dlQd2lVqsk88d6vkg7ktq1Vu4
+YPPc5DK8EH6JwzHErVUg0+P88PWpxH1nypEnv7WTFmN5rYdOoo7G3NyHKr7rAYk
I0ipXPhatcXJuZpDEIukronjhgD5ovzJ3vKTzehwsYoXAKayJbNtxqAfB+N5trX8
Mf7fFt8W+d91ECYX/xMw4PHACyFlhUQLocEkmbheRkXtMHRUVdvfdka69x5jJs87
rciiqj3QTs+N74fAqhTYmpbFgpx3njmfS96g+9qG9mwQbOQ93C+hbnkBFWrpnFzc
Tsl0gb+yKsI=
=Utvb
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.16 (GNU/Linux)

iQEcBAEBAgAGBQJOQmopAAoJEJtyb8U7iGZB0csH/jp/UiEO8KyJcRpJYCt2XNwE
y5Yl7tYQEAUhs/h0vkyP2uL6FYKEy51fx2dFykQSTEz3yACWchkV+APmurqOFA3m
slS6swrJFEyhnoerP/s/TmWK/y31gvGEz3MNFqXndCxdHq4LOc/ssozr5EZe7FuW
wXkofgxtczpC4NpeF1e4gZsiTTuMh6CyaJIjE3AcSfuBhHj3p9wedUslZNW/jkwP
CRpYmHIW5G4S52i6IyP8ilXSzAUAbhIcaUTiirgwC8YkbGfnj07gFOVBjVOutW/K
wxBCCqnn7EnZds0B73a8TaT9VlM9BLvMvDl72Lbkt1DcGvAcNd36ZI1Ipyfic+0=
=PMXI
—–END PGP SIGNATURE—–