Vulnerability Detail

Microsoft UPnP HTTP Request arbitrary code execution vulnerability

Date Discovered:
10 Apr 2007

Date Published:
11 Apr 2007

Last Updated:
13 May 2008

Threat Assessment

Overall Risk: Medium

Popularity : High

Impact: Critical

Simplicity: Low

Characteristics

Vulnerability ID: 35216
Discovered By: Greg MacManus

Exploitable Locally: No
Exploitable Remotely: Yes

Impact: A remote attacker can execute arbitrary code.

Root Cause: Software Vulnerability

Description

Recommendations

Affected Technologies

References

Description

Microsoft UPnP contains a vulnerability that can allow a remote attacker to execute arbitrary code. The vulnerability is due to improper handling of specially crafted HTTP requests by UPnP service. An attacker on the same subnet can send specially crafted HTTP requests to execute arbitrary code.

Recommendations

-------------------------------------------------------------------------------
For: Microsoft Windows XP Home Edition SP2 x86 32 DE, Microsoft Windows XP Home Edition SP2 x86 32 EN, Microsoft Windows XP Home Edition SP2 x86 32 ES, Microsoft Windows XP Home Edition SP2 x86 32 FR, Microsoft Windows XP Home Edition SP2 x86 32 IT, Microsoft Windows XP Professional SP2 x86 32 DE, Microsoft Windows XP Professional SP2 x86 32 EN, Microsoft Windows XP Professional SP2 x86 32 ES, Microsoft Windows XP Professional SP2 x86 32 FR, Microsoft Windows XP Professional SP2 x86 32 IT
Apply: WindowsXP-kb931261-x86
If you have: Microsoft Windows XP Home Edition SP2 x86 32 ES, Microsoft Windows XP Professional SP2 x86 32 ES

Download:
http://download.microsoft.com/download/c/8/f/c8f69c24-4f01-4377-bdff-f0911307b87f/WindowsXP-KB931261-x86-ESN.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 EN, Microsoft Windows XP Professional SP2 x86 32 EN

Download:
http://download.microsoft.com/download/4/3/3/4330ac20-d88e-4e61-98ed-4f45f3b2da96/WindowsXP-KB931261-x86-ENU.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 DE, Microsoft Windows XP Professional SP2 x86 32 DE

Download:
http://download.microsoft.com/download/b/4/c/b4c4eb95-d9d6-4575-92ba-95986de34bdf/WindowsXP-KB931261-x86-DEU.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 IT, Microsoft Windows XP Professional SP2 x86 32 IT

Download:
http://download.microsoft.com/download/e/7/7/e77d5fdb-16ec-466d-b68d-0af6ccbc0e8e/WindowsXP-KB931261-x86-ITA.exe

If you have: Microsoft Windows XP Home Edition SP2 x86 32 FR, Microsoft Windows XP Professional SP2 x86 32 FR

Download:
http://download.microsoft.com/download/c/4/8/c4883820-1eb5-4859-8dbd-446ac5e768c6/WindowsXP-KB931261-x86-FRA.exe

-------------------------------------------------------------------------------
For: Microsoft Windows XP Home Edition SP2 x86 32 DE, Microsoft Windows XP Home Edition SP2 x86 32 EN, Microsoft Windows XP Home Edition SP2 x86 32 ES, Microsoft Windows XP Home Edition SP2 x86 32 FR, Microsoft Windows XP Home Edition SP2 x86 32 IT, Microsoft Windows XP Professional 64-Bit Edition x64 64 EN, Microsoft Windows XP Professional SP2 x86 32 DE, Microsoft Windows XP Professional SP2 x86 32 EN, Microsoft Windows XP Professional SP2 x86 32 ES, Microsoft Windows XP Professional SP2 x86 32 FR, Microsoft Windows XP Professional SP2 x86 32 IT

If the vendor supplied patch is not available or installation is not feasible, the following steps can be used to limit exposure.

1. Implement a firewall

2. Install Anti-virus and Spyware detection software and ensure definitions are kept current

3. Check for software updates on a regular basis; if updates are available apply them as soon as possible

4. Use vigilance when opening HTML formatted emails, following links embedded in emails or links from an unknown source

5. Use a non-administrative privileged account for general tasks

6. Do not open files/links from untrusted or unconfirmed sources

-------------------------------------------------------------------------------
For: Microsoft Windows XP Professional 64-Bit Edition x64 64 EN

Please download and install the patch for Microsoft Data Access Components 2.8 on Microsoft Windows XP x64 Edition from the below link http://www.microsoft.com/technet/security/bulletin/ms07-019.mspx

-------------------------------------------------------------------------------
For: Microsoft Windows XP Home Edition SP2 x86 32 DE, Microsoft Windows XP Home Edition SP2 x86 32 EN, Microsoft Windows XP Home Edition SP2 x86 32 ES, Microsoft Windows XP Home Edition SP2 x86 32 FR, Microsoft Windows XP Home Edition SP2 x86 32 IT, Microsoft Windows XP Professional 64-Bit Edition x64 64 EN, Microsoft Windows XP Professional SP2 x86 32 DE, Microsoft Windows XP Professional SP2 x86 32 EN, Microsoft Windows XP Professional SP2 x86 32 ES, Microsoft Windows XP Professional SP2 x86 32 FR, Microsoft Windows XP Professional SP2 x86 32 IT

1.Click Start ->Select Control Panel->Select Administrative Tools->and choose Services

2.Under services Double-click Universal Plug and Play Device Host.

3.Under the Serivice properties change the Startup type list as Disabled.

4.Click Stop and Click OK

This can be performed in command line also by following command under:

sc stop UPnPHost &sc config UPnPHost start= disabled

Affected Technologies

Microsoft: Microsoft Windows XP Home Edition SP2 x86 32 DE
Microsoft: Microsoft Windows XP Home Edition SP2 x86 32 EN
Microsoft: Microsoft Windows XP Home Edition SP2 x86 32 ES
Microsoft: Microsoft Windows XP Home Edition SP2 x86 32 FR
Microsoft: Microsoft Windows XP Home Edition SP2 x86 32 IT
Microsoft: Microsoft Windows XP Professional 64-Bit Edition x64 64 EN
Microsoft: Microsoft Windows XP Professional SP2 x86 32 DE
Microsoft: Microsoft Windows XP Professional SP2 x86 32 EN
Microsoft: Microsoft Windows XP Professional SP2 x86 32 ES
Microsoft: Microsoft Windows XP Professional SP2 x86 32 FR
Microsoft: Microsoft Windows XP Professional SP2 x86 32 IT

References

Microsoft: ms07-019
Mitre CVE: CVE-2007-1204

CA Global Security Advisor

Current threat condition: Low

Documents and Tools

Find Threats

Viruses Spyware
Vulnerabilities All

Page Tools