| 微软Windows
工作站服务远程缓冲区溢出漏洞 |
| 2003年12月25日10:14:05 国家计算机网络入侵防范中心 |
中心编号:NIPC-2003-0912
CVE编号:CAN-2003-0812
漏洞级别:高
发布日期:2003-12-24
更新日期:2003-12-15
漏洞类型:输入验证错误,边界限制错误
攻击类型:远程
攻击效果:安全保护
受影响系统:
Microsoft, Windows 2000, Advanced Server SP4Microsoft,
Windows 2000, Advanced Server SP3Microsoft, Windows 2000,
Advanced Server SP2Microsoft, Windows 2000, Advanced Server
SP1Microsoft, Windows 2000, Advanced Server Microsoft,
Windows 2000, Datacenter Server SP4Microsoft, Windows 2000,
Datacenter Server SP3Microsoft, Windows 2000, Datacenter
Server SP2Microsoft, Windows 2000, Datacenter Server
SP1Microsoft, Windows 2000, Datacenter Server Microsoft,
Windows 2000, Professional SP4Microsoft, Windows 2000,
Professional SP3Microsoft, Windows 2000, Professional
SP2Microsoft, Windows 2000, Professional SP1Microsoft,
Windows 2000, Professional Microsoft, Windows 2000, Server
SP4Microsoft, Windows 2000, Server SP3Microsoft, Windows
2000, Server SP2Microsoft, Windows 2000, Server
SP1Microsoft, Windows 2000, Server Microsoft, Windows XP,
64-bit Edition SP1Microsoft, Windows XP, 64-bit Edition
Microsoft, Windows XP, Home SP1Microsoft, Windows XP, Home
Microsoft, Windows XP, Media Center Edition Microsoft,
Windows XP, Professional SP1Microsoft, Windows XP,
Professional
漏洞描述:
Windows Workstation Service (WKSSVC.DLL)中的日志功能存在基于堆的缓冲区溢出漏洞,通过RPC调用向日志文件("NetSetup.LOG")中写入超长参数,如我们使用NetValidateName()
API,远程攻击者利用这个漏洞可以在系统中执行任意指令。
参考资源一:
Source: The Aims GroupType: Generaland PatchName:
Windows Workstation Service Remote Buffer Overflow
http://marc.theaimsgroup.com/?l=bugtraq&m=106859247713009&w=2
参考资源二:
Source: MicrosoftType: Generaland PatchName: Buffer
Overrun in the Workstation Service Could Allow Code
Execution (828749)
http://www.microsoft.com/technet/security/bulletin/MS03-049.asp
Reference 4:This reference is to a non-NIST site. (disclaimer)Source:
CERTType: Generaland PatchName: Microsoft Windows
Workstation service vulnerable to buffer overflow when sent
specially crafted network message
http://www.kb.cert.org/vuls/id/567620
Reference 5:This reference is to a non-NIST site.
(disclaimer)Source: Security FocusType: Generaland
PatchName: bid 9011
http://www.securityfocus.com/bid/9011
|
|
|
