Signature Detail
Short Name |
APP:MISC:MS-ACTIVE-DIR-RCE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Microsoft Active Directory Federation Services Code Execution |
Release Date |
2013/09/18 |
Update Number |
2301 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Microsoft Active Directory Federation Services Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Active Directory. A successful attack can lead to arbitrary remote code execution within the context of the affected application.
Extended Description
Microsoft Active Directory Federation Services (ADFS) is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application, which may aid in further attacks.
Affected Products
- Microsoft Windows Server 2008 R2
- Microsoft Windows Server 2003 SP1
- Microsoft Windows Server 2003 SP2
- Microsoft Windows Server 2003 Datacenter Edition SP1
- Microsoft Windows Server 2003 Datacenter Edition
- Microsoft Windows Server 2003 Datacenter x64 Edition SP2
- Microsoft Windows Server 2003 Datacenter x64 Edition
- Microsoft Windows Server 2003 Enterprise Edition SP1
- Microsoft Windows Server 2003 Enterprise Edition
- Microsoft Windows Server 2003 Enterprise x64 Edition SP2
- Microsoft Windows Server 2003 Enterprise x64 Edition
- Microsoft Windows Server 2003 Standard Edition SP1
- Microsoft Windows Server 2003 Standard Edition SP2
- Microsoft Windows Server 2003 Standard Edition
- Microsoft Windows Server 2003 Standard x64 Edition
- Microsoft Windows Server 2003 Web Edition SP1
- Microsoft Windows Server 2003 Web Edition SP2
- Microsoft Windows Server 2003 Web Edition
- Microsoft Windows Server 2003 x64 SP1
- Microsoft Windows Server 2003 x64 SP2
- Microsoft Windows Server 2008 SP2 Beta
- Microsoft Windows Server 2008 Datacenter Edition SP2
- Microsoft Windows Server 2008 Datacenter Edition
- Microsoft Windows Server 2008 Enterprise Edition SP2
- Microsoft Windows Server 2008 Enterprise Edition
- Microsoft Windows Server 2008 for 32-bit Systems SP2
- Microsoft Windows Server 2008 for 32-bit Systems
- Microsoft Windows Server 2008 for x64-based Systems R2
- Microsoft Windows Server 2008 for x64-based Systems SP2
- Microsoft Windows Server 2008 for x64-based Systems
- Microsoft Windows Server 2008 R2 Datacenter
- Microsoft Windows Server 2008 Standard Edition SP2
- Microsoft Windows Server 2008 Standard Edition
References
- BugTraq: 37214
- CVE: CVE-2009-2509