首页 -> 安全研究

安全研究

绿盟月刊
绿盟安全月刊->第50期->最新漏洞
期刊号: 类型: 关键词:
Windows Shell远程任意代码执行漏洞(MS04-024)

日期:2004-08-05

发布日期:2004-07-13
更新日期:2004-07-15

受影响系统:
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows NT 4.0SP6a
Microsoft Windows ME
Microsoft Windows 98se
Microsoft Windows 2000SP4
Microsoft Windows 2000SP3
Microsoft Windows 2000SP2
描述:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 9510
CVE(CAN) ID: CAN-2004-0420

Microsoft Windows是一款商业视窗操作系统。

Microsoft Windows Shell启动应用程序存在安全问题,远程攻击者可以利用这个漏洞以用户进程权限在机器上执行任意代码。

攻击者可以构建恶意WEB页,诱使用户点击来触发此漏洞,不过需要用户交互。远程攻击者可以利用这个漏洞以用户进程权限在机器上执行任意代码。

<*来源:Microsoft Security Team (secure@microsoft.com)
  
  链接:http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
*>

测试方法:
--------------------------------------------------------------------------------

警 告

以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!

GOOROO提供了如下测试方法:

Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"

A proof-of-concept page was also published at the following location:

http://www.malware.com/gooroo.html

建议:
--------------------------------------------------------------------------------
厂商补丁:

Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS04-024)以及相应补丁:
MS04-024:Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx

补丁下载:

Microsoft Windows NT? Workstation 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=53F0C9C1-D72F-48E8-8F70-B29A70A618E2&displaylang=en

Microsoft Windows NT Server 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=58906E66-064C-4358-9BF9-BC67B1F57BC5&displaylang=en

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

http://www.microsoft.com/downloads/details.aspx?FamilyId=34035CE3-1998-4693-8330-C4515A13407D&displaylang=en

Microsoft Windows NT? Workstation 4.0 Service Pack 6a and NT Server 4.0 Service Pack 6a with Active Desktop

http://www.microsoft.com/downloads/details.aspx?FamilyId=87096271-9716-4a46-93f3-d41fcbdf989a&displaylang=en


Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4

http://www.microsoft.com/downloads/details.aspx?FamilyId=397BE12B-A026-41A6-8E98-B4027BC6A110&displaylang=en


Microsoft Windows XP and Microsoft Windows XP Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=C3365B8E-666B-4C82-A9ED-FC0F84F107BA&displaylang=en

Microsoft Windows XP 64-Bit Edition Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=3FEE07F5-9E31-481E-9F89-2549F51147AF&displaylang=en

Microsoft Windows XP 64-Bit Edition Version 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=79CCA663-5B72-4345-A3EE-404B466731BC&displaylang=en

Microsoft Windows Server? 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=41C7BB26-3500-4492-A447-33440C404E4F&displaylang=en

Microsoft Windows Server 2003 64-Bit Edition

http://www.microsoft.com/downloads/details.aspx?FamilyId=79CCA663-5B72-4345-A3EE-404B466731BC&displaylang=en
版权所有,未经许可,不得转载
关于我们
公司介绍
公司荣誉
公司新闻
联系我们
公司总部
分支机构
海外机构
快速链接
绿盟云
绿盟威胁情报中心NTI
技术博客