漏洞起因
边界条件错误
影响系统
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium 0
Microsoft Windows Server 2003 Enterprise x64 Edition SP2
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
3DM Software Disk Management Software SP2
3DM Software Disk Management Software SP1
不受影响系统
危害
远程攻击者可以利用漏洞以SYSTEM安全上下文执行任意指令。
攻击所需条件
攻击者必须访问Microsoft Windows WINS服务。
漏洞信息
Microsoft Windows是一款流行的操作系统。
Microsoft Windows包含的为NetBIOS网络提供名字解析服务的WINS.EXE进程在计算缓冲区长度时存在缺陷,在解析push请求过程中,WINS服务会在可控循环中拷贝报文数据到静态堆缓冲区过程中,提供特殊构建的请求,攻击者可以溢出堆缓冲区,导致以SYSTEM安全上下文执行任意指令。
默认系统不安装WINS服务。
目前没有详细漏洞细节提供。
测试方法
厂商解决方案
用户可参考如下补丁信息:
Microsoft Windows 2000 Advanced Server SP4
Microsoft Security Update for Windows 2000 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=b5b9228a-66c0 -49e6-afde-cc2825a6851f
3DM Software Disk Management Software SP2
Microsoft Security Update for Windows Server 2003 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=3a8d8ef9-ad41 -4237-9cbb-daecfd8f216c
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=e132d051-4444 -4ef1-9b6f-2d7da9d2e88e
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Security Update for Windows Server 2003 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=3a8d8ef9-ad41 -4237-9cbb-daecfd8f216c
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Security Update for Windows 2000 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=b5b9228a-66c0 -49e6-afde-cc2825a6851f
Microsoft Windows Server 2003 Itanium SP2
Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=96c3f496-7b2f -4dbc-b484-216c9943c2b1
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=3a8d8ef9-ad41 -4237-9cbb-daecfd8f216c
Microsoft Windows Server 2003 x64 SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=e132d051-4444 -4ef1-9b6f-2d7da9d2e88e
Microsoft Windows Server 2003 Enterprise x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=e132d051-4444 -4ef1-9b6f-2d7da9d2e88e
Microsoft Windows 2000 Professional SP4
Microsoft Security Update for Windows 2000 (KB969883)
http://www.microsoft.com/downloads/details.aspx?familyid=b5b9228a-66c0 -49e6-afde-cc2825a6851f
漏洞提供者
TippingPoint and the Zero Day Initiative
0 条评论。