安全研究
安全漏洞
Microsoft Windows 2000远程访问服务本地缓冲区溢出漏洞(MS02-029)
发布日期:2002-05-27
更新日期:2002-06-02
受影响系统:
Microsoft Microsoft Windows RAS描述:
- Microsoft Windows XP
- Microsoft Windows Terminal Server 4.0
- Microsoft Windows NT 4.0
- Microsoft Windows 2000 SP3
BUGTRAQ ID: 4852
CVE ID: CVE-2002-0366
Microsoft Windows系统中包含远程访问服务(RAS)允许计算机利用拨号连接访问远端网络。
Microsoft Windows中的RAS服务实现上存在漏洞,可导致本地攻击者进行缓冲区溢出攻击。
Microsoft Windows RAS服务的rasphone.pbk文件存放了拨号属性如拨号号码、安全及网络设置等用于连接远端网络的信息。RAS的实现对rasphone.pbk文件中条目解释处理存在缓冲区溢出漏洞,可导致本地攻击者利用特殊超长的条目进行缓冲区溢出,以SYSTEM的权限在目标系统中执行任意指令。
<*来源:Next Generation Security Software
链接:http://www[.]nextgenss[.]com/vna/ms-ras.txt
http://archives.neohapsis.com/archives/bugtraq/2002-06/0118.html
http://www.microsoft.com/technet/security/bulletin/MS02-029.asp
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 为rasphone.pbk文件设置正确的权限,确保低权限用户不能编辑。
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS02-029)以及相应补丁:
MS02-029:Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
链接:http://www.microsoft.com/technet/security/bulletin/MS02-029.asp
补丁下载:
* Microsoft Windows NT 4.0:
http://www.microsoft.com/ntserver/nts/downloads/security/q318138/default.asp
* Microsoft Windows NT 4.0 running RRAS (English Only):
http://www.microsoft.com/ntserver/nts/downloads/security/q318138/default.asp
* Microsoft Windows NT 4.0 Terminal Server Edition:
http://www.microsoft.com/ntserver/terminalserver/downloads/security/q318138/default.asp
* Microsoft Windows NT 4.0 Terminal Server Edition running RRAS
(English Only):
http://www.microsoft.com/ntserver/terminalserver/downloads/security/q318138/default.asp
* Microsoft Windows 2000:
http://www.microsoft.com/windows2000/downloads/security/q318138/default.asp
* Microsoft Windows XP:
http://www.microsoft.com/downloads/release.asp?ReleaseID=38833
* Microsoft Windows XP 64-bit Edition:
http://www.microsoft.com/downloads/release.asp?ReleaseID=39011
浏览次数:3430
严重程度:0(网友投票)
绿盟科技给您安全的保障