荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: sonicboy (sonicboy), 信区: Security
标 题: Microsoft Windows Help机制存在漏洞
发信站: 荔园晨风BBS站 (Fri Nov 15 16:33:38 2002), 转信
近来用这个入侵的很多!因为是新的漏洞!而且影响的系统也很多,网上这样的肉鸡
很多,好在还没这类蠕虫发布,CHM文件以后少DOWN啦!呵呵!
Microsoft Windows Help机制存在漏洞
BUGTRAQ ID 严重程度 CVE ID 发布日期 更新日期
5872 高 2002-10-09 2002-10-09
错误类型 利用方式 威胁类型
边界检查错误 客户机模式 远程管理员权限
所影响的操作系统和应用程序
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
Microsoft Windows 2000 Terminal Services SP3
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services
Microsoft Windows 98 SP1
Microsoft Windows 98 j
Microsoft Windows 98 b
Microsoft Windows 98 a
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows ME
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP4
Microsoft Windows NT Server 4.0 SP3
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Server 4.0
Microsoft Windows NT Terminal Server 4.0 SP6a
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0 alpha
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Windows NT Workstation 4.0
Microsoft Windows XP
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
详细描述
Microsoft报告了在其WINDOWS HELP机制中存在2个漏洞。
第一个漏洞存在于一个函数相关的ActiveX控件中,攻击者可以通过恶意WEB页或者
HTML邮件调用和利用这个控件。利用这个漏洞可以导致缓冲溢出,以用户权利执行
任意代码。
第二个漏洞牵涉到Compiled Help Files (chm),允许攻击者在目标主机上执行任
意命令。帮助机制组件会在INTERNET临时文件目录中执行这些恶意.CHM文件。
测试代码
无
解决方案
补丁下载:
Microsoft Windows 2000 Professional SP3:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Server SP3:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Advanced Server SP3:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Terminal Services SP3:
Microsoft Windows 2000 Advanced Server SP2:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Professional SP2:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Server SP2:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Terminal Services SP2:
Microsoft Windows 2000 Terminal Services SP1:
Microsoft Windows 98 SP1:
Microsoft Windows 2000 Server SP1:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Professional SP1:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Advanced Server SP1:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows XP Home SP1:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41834
Microsoft Windows XP Professional SP1:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41834
Microsoft Windows XP 64-bit Edition SP1:
Microsoft Windows 98 j:
Microsoft Windows 98 b:
Microsoft Windows 98 a:
Microsoft Windows XP :
Microsoft Windows XP Professional :
Microsoft Windows XP Home :
Microsoft Windows 98SE :
Microsoft Patch Q323255
http://www.microsoft.
com/windows98/downloads/contents/WUCritical/q323255/default.asp
Microsoft Windows 98 :
Microsoft Patch Q323255
http://www.microsoft.
com/windows98/downloads/contents/WUCritical/q323255/default.asp
Microsoft Windows ME :
Microsoft Windows 2000 Server :
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Advanced Server :
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Professional :
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40213
Microsoft Windows 2000 Terminal Services :
Microsoft Windows XP 64-bit Edition :
Microsoft Windows NT Workstation 4.0 SP6a:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=43308
Microsoft Windows NT Terminal Server 4.0 SP6a:
Microsoft Patch Q323255
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=43308
发现者
David Litchfield of Next Generation Security Software Ltd. and Thor
Larholm of PivX Solutions.
参考:http://www.microsoft.com/technet/treeview/default.
asp?url=/technet/security/bulletin/ms02-055.asp
--
HIHI!I AM SONICBOY,MY QQ IS 28860.MY BBS : http://waterclub.126.com
http://www.yesdong.com/bbs and http://www.mkx.com
※ 来源:·荔园晨风BBS站 bbs.szu.edu.cn·[FROM: 192.168.52.9]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店