漏洞信息详情
Microsoft Windows 内核符号链接本地拒绝服务攻击漏洞
- CNNVD编号:CNNVD-201004-259
- 危害等级: 中危
- CVE编号: CVE-2010-0235
- 漏洞类型: 输入验证
- 发布时间: 2010-04-14
- 威胁类型: 本地
- 更新时间: 2019-02-27
- 厂 商: microsoft
- 漏洞来源: Matthew 'j00ru' Ju...
漏洞简介
Windows 是Microsoft公司开发的广为流行的视窗操作系统。
Microsoft Windows 内核符号链接存在本地拒绝服务攻击漏洞。Microsoft Windows 2000 SP4、 XP SP2 & SP3、 Server 2003 SP2、和Vista Gold的内核在创建符号链接前无法进行预期的验证,本地用户可以通过特制的应用引发拒绝服务(重启),即‘Windows内核符号链接值漏洞’。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
Microsoft Windows XP Media Center Edition SP2
Microsoft Security Update for Windows XP (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F
Microsoft Windows Vista x64 Edition 0
Microsoft Security Update for Windows Vista for x64-based Systems (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=7C84AA24-6331-427A-969C-27F7D39DB3D7
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=1FC66F54-260A-4219-A0B4-056BA9DD0ABE
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Security Update for Windows XP (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F
Microsoft Windows XP Media Center Edition SP3
Microsoft Security Update for Windows XP (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=0A7EA2D0-61CE-4B68-AD82-D917B1A56F9D
Microsoft Windows Vista Home Premium
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
Microsoft Windows Vista Enterprise
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Security Update for Windows XP x64 Edition (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=3C0CB02E-3484-4CDF-8C64-C697AD3E2889
Microsoft Windows Vista 0
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
Microsoft Windows Vista Business
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
Microsoft Windows Server 2003 x64 SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=1FC66F54-260A-4219-A0B4-056BA9DD0ABE
Microsoft Windows XP Tablet PC Edition SP3
Microsoft Security Update for Windows XP (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F
Microsoft Windows Vista Home Basic
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
Microsoft Windows 2000 Advanced Server SP4
Microsoft Security Update for Windows 2000 (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=C5F4577E-7546-40E9-8BCD-BE11C1B260A6
Microsoft Windows Vista Ultimate
Microsoft Security Update for Windows Vista (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374
3DM Software Disk Management Software SP2
Microsoft Security Update for Windows Server 2003 (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=0A7EA2D0-61CE-4B68-AD82-D917B1A56F9D
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Security Update for Windows Server 2003 (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=0A7EA2D0-61CE-4B68-AD82-D917B1A56F9D
Microsoft Windows XP Home SP2
Microsoft Security Update for Windows XP (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Security Update for Windows 2000 (KB979683)
http://www.microsoft.com/downloads/details.aspx?familyid=C5F4577E-7546-40E9-8BCD-BE11C1B260A6
Microsoft Windows Server 2003 Itanium SP2
Microsoft Security Update for Windows Server 2003 for I
参考网址
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7509
来源:SECTRACK
链接:http://www.securitytracker.com/id?1023850
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA10-103A.HTML
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021
来源:SECUNIA
链接:http://secunia.com/advisories/39373
受影响实体
- Microsoft Windows_vista:X64
- Microsoft Windows_vista
- Microsoft Windows_2003_server:Sp2:Itanium
- Microsoft Windows_xp:-:Sp2:X64
- Microsoft Windows_server_2003:Sp2:X64
补丁
- Security Update for Windows XP (KB979683)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB979683)
- Security Update for Windows Server 2003 x64 Edition (KB979683)
- Security Update for Windows Server 2003 (KB979683)
- Security Update for Windows Vista for x64-based Systems (KB979683)
评论