Windows远程缓冲区溢出漏洞

(2003-12-25 13:24 )( )(国家计算机网络入侵防范中心 )
导读-- Windows Workstation Service (WKSSVC.DLL)中的日志功能存在基于堆的缓冲区溢出漏洞……
天极IT资讯短信服务 电脑小技巧
资费:包月5元
手机:
介绍:细处着手,巧处用功。高手和菜鸟之间的差别就是:高手什么都知道,菜鸟知道一些。电脑小技巧收集最新奇招高招,让你轻松踏上高手之路。

  中心编号:NIPC-2003-0912

  CVE编号:CAN-2003-0812

  漏洞级别:

  发布日期:2003-12-24

  更新日期:2003-12-15

  漏洞类型:输入验证错误,边界限制错误

  攻击类型:远程

  攻击效果:安全保护

  受影响系统:

  Microsoft, Windows 2000, Advanced Server SP4
  Microsoft, Windows 2000, Advanced Server SP3
  Microsoft, Windows 2000, Advanced Server SP2
  Microsoft, Windows 2000, Advanced Server SP1
  Microsoft, Windows 2000, Advanced Server
  Microsoft, Windows 2000, Datacenter Server SP4
  Microsoft, Windows 2000, Datacenter Server SP3
  Microsoft, Windows 2000, Datacenter Server SP2
  Microsoft, Windows 2000, Datacenter Server SP1
  Microsoft, Windows 2000, Datacenter Server
  Microsoft, Windows 2000, Professional SP4
  Microsoft, Windows 2000, Professional SP3
  Microsoft, Windows 2000, Professional SP2
  Microsoft, Windows 2000, Professional SP1
  Microsoft, Windows 2000, Professional
  Microsoft, Windows 2000, Server SP4
  Microsoft, Windows 2000, Server SP3
  Microsoft, Windows 2000, Server SP2
  Microsoft, Windows 2000, Server SP1
  Microsoft, Windows 2000, Server
  Microsoft, Windows XP, 64-bit Edition SP1
  Microsoft, Windows XP, 64-bit Edition
  Microsoft, Windows XP, Home SP1
  Microsoft, Windows XP, Home
  Microsoft, Windows XP,
  Media Center Edition
  Microsoft, Windows XP, Professional SP1
  Microsoft, Windows XP, Professional

  漏洞描述:

  Windows Workstation Service (WKSSVC.DLL)中的日志功能存在基于堆的缓冲区溢出漏洞,通过RPC调用向日志文件("NetSetup.LOG")中写入超长参数,如我们使用NetValidateName() API,远程攻击者利用这个漏洞可以在系统中执行任意指令。

  参考资源一:

  Source: The Aims GroupType: Generaland PatchName: Windows Workstation Service Remote Buffer Overflow

  http://marc.theaimsgroup.com/?l=bugtraq&m=106859247713009&w=2

  参考资源二:

  Source: MicrosoftType: Generaland PatchName: Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)

  http://www.microsoft.com/technet/security/bulletin/MS03-049.asp

  Reference 4:This reference is to a non-NIST site. (disclaimer)Source: CERTType: Generaland PatchName: Microsoft Windows Workstation service vulnerable to buffer overflow when sent specially crafted network message

  http://www.kb.cert.org/vuls/id/567620 Reference 5:This reference is to a non-NIST site.

  (disclaimer)Source: Security FocusType: Generaland PatchName: bid 9011

  http://www.securityfocus.com/bid/9011

责编:
订阅新闻邮件) (推荐) (打印) (关闭页面) (至顶) (我对此感兴趣
相关文章
天极社区邀请您:写博客日记  上传相片   论坛聊天  订阅电子杂志  彩信蚂蚁  推荐网摘  
笔名:
请您注意:

 遵守国家有关法律、法规,尊重网上道德,承担一切因您的行为而直接或间接引起的法律责任。

 天极网拥有管理笔名和留言的一切权利。