| Microsoft HyperTerminal远程缓冲区溢出漏洞 |
|
| Microsoft HyperTerminal远程缓冲区溢出漏洞 |
|
| |
|
受影响系统:
Microsoft Windows XP
Microsoft Windows NT 4.0SP6a
Microsoft Windows 2003
Microsoft Windows 2000SP4
Microsoft Windows 2000SP3
描述:
--------------------------------------------------------------------------------
CVE(CAN) ID: CAN-2004-0568
Windows HyperTerminal是一款超级终端软件。
Windows HyperTerminal在处理恶意会话文件时存在问题,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以进程权限执行任意指令。
构建恶意HyperTerminal会话文件可触发缓冲区溢出,攻击者可以诱使用户打开,如HyperTerminal设置为默认telnet客户端使用,那么通过恶意telnet url链接,也可触发缓冲区溢出,可能以系统进程权限执行任意指令。
<*来源:Brett Moore (brett.moore@SECURITY-ASSESSMENT.COM)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS04-043)以及相应补丁:
MS04-043:Vulnerability in HyperTerminal Could Allow Code Execution (873339)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx
补丁下载:
Microsoft Windows NT Server 4.0 Service Pack 6a
http://www.microsoft.com/downloads/details.aspx?FamilyId=7CC7F82D-F2A2-49AA-BF33-897498898EAD
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
http://www.microsoft.com/downloads/details.aspx?FamilyId=69F3259F-3004-462C-B2A8-37F65EB78A2D
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?FamilyId=DA3DD6C9-DB7E-40A6-AFD0-5ED87C42190D
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=96BBD220-5E2A-43AD-B8B7-54EC608BD8BE
Microsoft Windows XP 64-Bit Edition Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=4970DA24-8C3B-4D99-8F89-13E8AF2E4382
Microsoft Windows XP 64-Bit Edition Version 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=06662D6D-E397-40F7-A7A6-9330FBA17EBF
Microsoft Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=3A36E94B-A39F-4B56-8A2D-42F1089DD158
Microsoft Windows Server 2003 64-Bit Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId=06662D6D-E397-40F7-A7A6-9330FBA17EBF |
 |
频道声明:本频道的文章除部分特别声明禁止转载的专稿外,可以自由转载.但请务必注明出出处和原始作者 文章版权归本频道与文章作者所有.对于被频道转载文章的个人和网站,我们表示深深的谢意。
| 原始作者:佚名 |
录入时间:2006-11-3 |
| 信息来源:不详 |
投稿信箱:itqoo@126.com |
|
|
 |
|
|
| 教程录入:admin 责任编辑:admin |
|
上一个教程: phpBB附件模块HTTP POST注入远程目录遍历漏洞
下一个教程: Microsoft WINS服务远程缓冲区溢出漏洞 |
| 【字体:小 大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】 |
用户登录 
新用户注册 
网友评论:(只显示最新10条。评论内容只代表网友观点,与本站立场无关!) 