| Title: | Multiple critical vulnerabilities affecting Sony VAIO Media Integrated Server |
| Announcement date: | 16 August 2006 |
| Advisory Reference: | ptl-2006-02 |
| Products: | Sony VAIO Media Integrated Server |
| Vulnerability Type: | Buffer Overflow, Directory Traversal |
| Vendor-URL: | http://www.vaio.sony-europe.com |
| Vendor-Status: | Patch Released |
| Remotely Exploitable: | Yes |
| Locally Exploitable: | Yes |
| Advisory URL (Europe): | http://kb.sony-europe.com/kb/solutions/en/V00000_V00499/v00246.html |
| Advisory URL (Japan): | http://vcl.vaio.sony.co.jp/notices/security/info211.html |
| Advisory URL (USA): | http://esupport.sony.com/perl/swu-download.pl?upd_id=2207&SMB=YES |
| Advisory URL (Asia): | http://www.css.ap.sony.com/VAIO/Website/General/ImportantNotices.aspx?Section=SN&file=/vaio/importantnotice/security_notice/SecurityNotice_VMIS.htm |
Multiple vulnerabilities have been discovered in Sony's VAIO Media Integrated Server software, allowing arbitrary code to be executed with full SYSTEM privileges and additionally allowing arbitrary files to be retrieved from the host operating system.
The severity of these issues is deemed critical due to the VAIO Media Integrated Server software running in the context of the SYSTEM user.
The following versions of the VAIO Media Integrated Server are affected by these vulnerabilities:
VAIO Media Server 2.x, 3.x, 4.x, and 5.x
| 11-04-2006 - | Initial Pentest Limited Notification to Sony, without response |
| 13-04-2006 - | Vulnerablities reported to JPCERT/CC |
| 04-05-2006 - | Response from JPCERT/CC, indicating that Sony have confirmed the existence of the vulnerabilities |
| 26-06-2006 - | Sony begin distribution of patches to Japan, Asia, USA and Europe Locales |
Official fixes to the issues covered by this security advisory have been released. To implement the fix, install the relevant update for the version of VAIO Media Integrated Server in use by visiting the advisory URLs referenced above.
As a workaround prior to updating the affected software, it is suggested that access to the VAIO Media Server be denied to remote users.
These vulnerabilities were discovered by Joe Moore from Pentest Limited.