漏洞信息详情
Microsoft Windows Messenger服务远程堆溢出漏洞(MS03-043/KB828035)
- CNNVD编号:CNNVD-200311-085
- 危害等级: 高危
- CVE编号: CVE-2003-0717
- 漏洞类型: 边界条件错误
- 发布时间: 2003-10-07
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: microsoft
- 漏洞来源: Dave Korn※ davek_t...
漏洞简介
Microsoft Windows是微软开发的视窗操作系统,Windows Messenger服务用于服务器与客户端之间互相发送一些短消息。 Microsoft Windows Messenger服务存在堆溢出问题,远程攻击者可以利用这个漏洞以系统权限在目标机器上执行任意指令。 问题存在于Messenger服务程序的search-by-name函数中,攻击者提交特定序列的字符串给这个函数可造成堆溢出,精心构建提交数据可能以系统权限在目标机器上执行任意指令。 消息通过NetBiOS或者RPC提交给消息服务,因此可以通过封闭NETBiOS端口(137-139)和使用防火墙过滤UDP广播包来阻挡此类消息。
漏洞公告
临时解决方法: 如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* 在边界防火墙或者个人防火墙上禁止不可信主机访问NETBiOS和RPC端口135、137、139(TCP/UDP)
* 禁用Messenger服务。
打开"开始" ,(或打开"设置")点击"控制面板",然后双击"管理工具",双击"服务",找到并双击"Messenger", 在"启动类型"的下拉框中选择"已禁用",然后点击"停止",然后点击"确定"。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS03-043)以及相应补丁:
MS03-043:Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
链接: http://www.microsoft.com/technet/security/bulletin/MS03-043.asp
补丁下载:
* Microsoft Windows NT Workstation 4.0, Service Pack 6a
http://www.microsoft.com/downloads/details.aspx?FamilyId=7597FCF4-6615-4074-9E46-A17D808ED38D&displaylang=en
* Microsoft Windows NT Server 4.0, Service Pack 6a
http://www.microsoft.com/downloads/details.aspx?FamilyId=B1949456-996A-485A-9A28-79FD79F26A1B&displaylang=en
* Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6
http://www.microsoft.com/downloads/details.aspx?FamilyId=64AB4B66-1A6E-4264-93A8-26CDB98B05A8&displaylang=en
* Microsoft Windows 2000, Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=A0061377-1683-4C13-9527-5534F6C7CF85&displaylang=en
* Microsoft Windows 2000, Service Pack 3, Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=99F1B40D-906A-4945-A021-4B494CCCBDE0&displaylang=en
* Microsoft Windows XP Gold, Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=F02DA309-4B0A-4438-A0B9-5B67414C3833&displaylang=en
* Microsoft Windows XP 64-bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=2BE95254-4C65-4CA5-80A5-55FDF5AA2296&displaylang=en
* Microsoft Windows XP 64-bit Edition Version 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=8B990946-84C8-4C91-899C-5A44EC13174E&displaylang=en
* Microsoft Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=1DF106F3-7EC4-4EB0-9143-C1E3C9E2F5F8&displaylang=en
* Microsoft Windows Server 2003 64-bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=8B990946-84C8-4C91-899C-5A44EC13174E&displaylang=en
参考网址
来源:US-CERT Vulnerability Note: VU#575892 名称: VU#575892 链接:http://www.kb.cert.org/vuls/id/575892 来源:CERT/CC Advisory: CA-2003-27 名称: CA-2003-27 链接:http://www.cert.org/advisories/CA-2003-27.HTML 来源: BID 名称: 8826 链接:http://www.securityfocus.com/bid/8826 来源: MS 名称: MS03-043 链接:http://www.microsoft.com/technet/security/bulletin/ms03-043.asp 来源: BUGTRAQ 名称: 20031016 MS03-043 Popup Messenger Servce buffer-overflow 链接:http://marc.theaimsgroup.com/?l=ntbugtraq&m=106632188709562&w=2 来源: BUGTRAQ 名称: 20031018 Proof of concept for Windows Messenger Service overflow 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=106666713812158&w=2 来源: US Government Resource: oval:org.mitre.oval:def:268 名称: oval:org.mitre.oval:def:268 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:268 来源: US Government Resource: oval:org.mitre.oval:def:213 名称: oval:org.mitre.oval:def:213 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:213
受影响实体
- Microsoft Windows_2000:Sp1:Professional
- Microsoft Windows_2000:Sp1:Datacenter_server
- Microsoft Windows_2000:Advanced_server
- Microsoft Windows_2000:Datacenter_server
- Microsoft Windows_2000:Professional
补丁
暂无
评论