{"id":288,"date":"2014-11-19T12:17:56","date_gmt":"2014-11-19T17:17:56","guid":{"rendered":"https:\/\/10.252.76.154\/?p=288"},"modified":"2015-09-29T16:46:48","modified_gmt":"2015-09-29T21:46:48","slug":"csirt-panama-aviso-2014-11-vulnerabilidad-en-microsoft-kerberos-kdc-cve-2014-6324","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=288","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2014-11- Vulnerabilidad en Microsoft Kerberos KDC (CVE-2014-6324)"},"content":{"rendered":"<p style=\"text-align: justify;\">CSIRT Panam\u00e1 Aviso 2014-11- Vulnerabilidad en Microsoft Kerberos KDC (CVE-2014-6324)<br \/>\nGravedad: ALTA<br \/>\nFecha de publicaci\u00f3n: Noviembre 19, 2014<br \/>\nFecha de modificaci\u00f3n: Noviembre 19, 2014<br \/>\n\u00daltima revisi\u00f3n: Revisi\u00f3n A.<br \/>\nFuente: Bolet\u00edn de Seguridad de Microsoft<\/p>\n<p style=\"text-align: justify;\">Sistemas afectados<br \/>\nWindows Server 2003 Service Pack 2<br \/>\nWindows Server 2003 x64 Edition Service Pack 2<br \/>\nWindows Server 2003 with SP2 for Itanium-based Systems<br \/>\nWindows Vista Service Pack 2<br \/>\nWindows Vista x64 Edition Service Pack 2<br \/>\nWindows Server 2008 for 32-bit Systems Service Pack 2<br \/>\nWindows Server 2008 for x64-based Systems Service Pack 2<br \/>\nWindows Server 2008 for Itanium-based Systems Service Pack 2<br \/>\nWindows 7 for 32-bit Systems Service Pack 1<br \/>\nWindows 7 for x64-based Systems Service Pack 1<br \/>\nWindows Server 2008 R2 for x64-based Systems Service Pack 1<br \/>\nWindows Server 2008 R2 for Itanium-based Systems Service Pack 1<br \/>\nWindows 8 for 32-bit Systems<br \/>\nWindows 8 for x64-based Systems<br \/>\nWindows 8.1 for 32-bit Systems<br \/>\nWindows 8.1 for 32-bit Systems<br \/>\nWindows Server 2012<br \/>\nWindows Server 2012 R2<br \/>\nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)<br \/>\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)<br \/>\nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core<br \/>\nWindows Server 2012 (Server Core installation)<br \/>\nWindows Server 2012 R2 (Server Core installation)<\/p>\n<p style=\"text-align: justify;\">I. Descripci\u00f3n<br \/>\nMicrosoft ha liberado actualizaciones de seguridad para solventar una vulnerabilidad de elevaci\u00f3n de privilegios en las implementaciones de Kerberos KDC en Microsoft Windows. Kerberos KDC (Key Distribution Center, por sus siglas en ingl\u00e9s) es un servicio de red que suministra \u201ctickets\u201d de sesi\u00f3n y llaves de sesi\u00f3n temporales a los usuarios y computadoras dentro de un dominio de servicio de directorio (Active Directory). Este servicio de red no revisa apropiadamente las firmas v\u00e1lidas en el PAC (Privilege Attribute Certificate, siglas en ingl\u00e9s) incluidas en la petici\u00f3n de \u201cticket\u201d de Kerberos [1]. Un usuario del dominio puede fabricar estar informaci\u00f3n contenida en el PAC para solicitar elevaci\u00f3n de privilegios no autorizada. Debido a que KDC no verifica la firma correctamente, el usuario obtendr\u00e1 privilegios de nivel de administrador de dominio permitiendo comprometer totalmente el dominio. La explotaci\u00f3n de esta vulnerabilidad permitir\u00eda a un atacante tomar control de un sistema afectado. El c\u00f3digo CVE asignado para esta vulnerabilidad es CVE-2014-6324.<\/p>\n<p style=\"text-align: justify;\">II. Impacto<br \/>\nVector de acceso: A trav\u00e9s de red.<br \/>\nComplejidad de Acceso: Baja.<br \/>\nAutenticaci\u00f3n: Requerida para explotarla.<br \/>\nTipo de impacto: Compromiso total de la integridad del sistema, Compromiso total de la disponibilidad del sistema, Compromiso total de la confidencialidad del sistema<\/p>\n<p style=\"text-align: justify;\">III. Mitigaci\u00f3n<br \/>\nActualizar el software<\/p>\n<p style=\"text-align: justify;\">CSIRT Panam\u00e1 recomienda a los usuarios y administradores revisar el bolet\u00edn de seguridad de Windows MS14-068 [2] y aplicar las actualizaciones necesarias.<\/p>\n<p style=\"text-align: justify;\">IV. Referencias<br \/>\n[1] http:\/\/www.kb.cert.org\/vuls\/id\/213119<br \/>\n[2] https:\/\/technet.microsoft.com\/es-es\/library\/security\/ms14-068<br \/>\nIV. Informaci\u00f3n de contacto<br \/>\nCSIRT PANAMA<br \/>\nAutoridad Nacional para la Innovaci\u00f3n Gubernamental<br \/>\nE-Mail: info@cert.pa<br \/>\nWeb: https:\/\/www.cert.pa<\/p>\n<p style=\"text-align: justify;\">&#8212;&#8211;BEGIN PGP PUBLIC KEY BLOCK&#8212;&#8211;<br \/>\nVersion: GnuPG v2.0.17 (MingW32)<\/p>\n<p style=\"text-align: justify;\">mQENBE8C9KoBCAClkvrtdD08B1YgIntnK241GmWY7fRWtPn\/QIEG1+TLokEuOhw+<br \/>\nGq\/lK\/4NP9RzqpD57LcRUBiGgTmO\/5C9xkhVmxz2jid0h03fLorC84rAk2pOjr0i<br \/>\npbltETq9RCGhOWp13OV22x2yiIedBi05bzw3F+uLHhn9xKjmpBuZB6WO\/TuD52DH<br \/>\nKRZtwSvoaa61vL0bGnIf3lNGWkALWEC3lGBppby4D05N2FNfgfOFr1yOpxTaRaDh<br \/>\n4kOnoAEWVzppkTPyqSOkwXmgdma8D9yqD41Ffu8ypGTv+OOVO7jDq8tx9wVZEU+w<br \/>\npqBTzQcf0P0K7qO3igdHQxqHmqXsaJpbmvCBABEBAAG0KkNTSVJUIFBhbmFtYSAo<br \/>\nQ1NJUlQgUGFuYW1hKSA8aW5mb0BjZXJ0LnBhPokBOAQTAQIAIgUCTwL0qgIbDwYL<br \/>\nCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ2YlXchbysSSPSQgAooUy3qSR\/YX2<br \/>\nH3USJ5VzrmnraHg5LIWRPIBD1PGrswjLE8hxdobPU\/uzi9LWnEcDscfFVKM\/K0Jt<br \/>\nbjeoESqCVFlpE0YXJWdDhy0m2WM410sDE2HVXbPhWGqrNeDb0VUV\/LWag1yYTj5w<br \/>\nkkxma4Tk5TqlhgL5su2PpjtTdFSHYD4N+4mu7g1GhRrrpz+u7ZRm3b\/WkAJg5FIg<br \/>\nU0MpPqUGAF5\/pc02ZB10FdxDwWyXAkwYUN+zfLiKzKOrBGkEw9+jvFGU+z76P9Zk<br \/>\n1XJIexpmkBYTxc+TOclhAp\/3HP4taoBHRMoR1q1YhdC++UgRSLmPLGn\/AB707JzN<br \/>\nQ80++q2kWQ==<br \/>\n=JUYg<br \/>\n&#8212;&#8211;END PGP PUBLIC KEY BLOCK&#8212;&#8211;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2014-11- Vulnerabilidad en Microsoft Kerberos KDC (CVE-2014-6324) Gravedad: ALTA Fecha de publicaci\u00f3n: Noviembre 19, 2014 Fecha de modificaci\u00f3n: Noviembre 19, 2014 \u00daltima revisi\u00f3n: Revisi\u00f3n A. Fuente: Bolet\u00edn de Seguridad de Microsoft Sistemas&#8230;<\/p>\n","protected":false},"author":4,"featured_media":295,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[8,9],"class_list":["post-288","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-avisos","tag-microsoft"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=288"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/288\/revisions"}],"predecessor-version":[{"id":292,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/288\/revisions\/292"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/295"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}