安全研究
安全漏洞
Microsoft Windows内核消息处理本地缓冲区溢出漏洞(MS03-013)
发布日期:2003-04-17
更新日期:2003-04-22
受影响系统:
Microsoft Windows XP Professional SP1描述:
Microsoft Windows XP Professional
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows NT 4.0SP6a
Microsoft Windows NT 4.0SP6
Microsoft Windows NT 4.0SP5
Microsoft Windows NT 4.0SP4
Microsoft Windows NT 4.0SP3
Microsoft Windows NT 4.0SP2
Microsoft Windows NT 4.0SP1
Microsoft Windows NT 4.0
Microsoft Windows 2000SP3
Microsoft Windows 2000SP2
Microsoft Windows 2000SP1
Microsoft Windows 2000
BUGTRAQ ID: 7370
CVE(CAN) ID: CVE-2003-0112
Windows内核是操作系统核心部分,提供系统级别服务如设备和内存管理,分配处理器时间和管理错误处理。
Windows内核在处理错误消息给调试器时存在一个缺陷,本地攻击者可以利用这个漏洞在系统中进行任何操作,如删除数据,增加管理员访问级别帐户或重新配置系统。
在内核调试支持代码传递调试事件给用户模式调试器时存在漏洞。LpcRequestWaitReplyPort()函数由内核调用,不适当的信任用户空间进程报告给内核的消息大小,利用这个漏洞,攻击者精心构建事件消息可能以"Ring0"级执行任意代码,即对所有系统资源访问没有任何限制。
<*来源:Entercept Security Alert (ricochet@entercept.com)
链接:http://www.entercept.com/news/uspr/04-16-03.asp
http://www.microsoft.com/technet/security/bulletin/MS03-013.asp
*>
建议:
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS03-013)以及相应补丁:
MS03-013:Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)
链接:http://www.microsoft.com/technet/security/bulletin/MS03-013.asp
补丁下载:
Microsoft Windows 2000 Professional SP3:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Server SP3:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Advanced Server SP3:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Terminal Services SP3:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Datacenter Server SP3:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Advanced Server SP2:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Datacenter Server SP2:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Professional SP2:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Server SP2:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows 2000 Terminal Services SP2:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=CACAC8C0-81E9-413E-B565-5D7B3257A733&displaylang=en
All except Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=81E6E80C-5E56-4466-98C1-4DDF6CF3893F&displaylang=ja
Japanese NEC
Microsoft Windows XP Home SP1:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=9F81E615-3DEC-4A4B-826A-4E0FEAB42323&displaylang=en
Microsoft Windows XP Professional SP1:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=9F81E615-3DEC-4A4B-826A-4E0FEAB42323&displaylang=en
Microsoft Windows XP 64-bit Edition SP1:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=DBC47904-51C8-475A-9900-3DF363A51A3A&displaylang=en
Microsoft Windows XP 64-bit Edition :
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=DBC47904-51C8-475A-9900-3DF363A51A3A&displaylang=en
Microsoft Windows XP Professional :
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=9F81E615-3DEC-4A4B-826A-4E0FEAB42323&displaylang=en
Microsoft Windows XP Home :
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=9F81E615-3DEC-4A4B-826A-4E0FEAB42323&displaylang=en
Microsoft Windows NT Enterprise Server 4.0 SP6a:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=C3596ED1-596F-416C-8BE5-91AE65619A1A&displaylang=en
All except Japanese NEC and Chinese - Hong Kong
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=6D83F8BA-BF16-4EC5-9187-9B03E9AE825F&displaylang=ja
Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=0FF5C348-F7A0-44E8-8D82-557389FB4590&displaylang=zh-tw
Chinese - Hong Kong
Microsoft Windows NT Server 4.0 SP6a:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=C3596ED1-596F-416C-8BE5-91AE65619A1A&displaylang=en
All except Japanese NEC and Chinese - Hong Kong
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=6D83F8BA-BF16-4EC5-9187-9B03E9AE825F&displaylang=ja
Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=0FF5C348-F7A0-44E8-8D82-557389FB4590&displaylang=zh-tw
Chinese - Hong Kong
Microsoft Windows NT Terminal Server 4.0 SP6a:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=910A0015-3723-4A4E-9049-99A4CE52B5F8&displaylang=en
Microsoft Windows NT Workstation 4.0 SP6a:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=C3596ED1-596F-416C-8BE5-91AE65619A1A&displaylang=en
All except Japanese NEC and Chinese - Hong Kong
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=6D83F8BA-BF16-4EC5-9187-9B03E9AE825F&displaylang=ja
Japanese NEC
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=0FF5C348-F7A0-44E8-8D82-557389FB4590&displaylang=zh-tw
Chinese - Hong Kong
Microsoft Windows NT Terminal Server 4.0 SP6:
Microsoft Patch Q811493
http://microsoft.com/downloads/details.aspx?FamilyId=910A0015-3723-4A4E-9049-99A4CE52B5F8&displaylang=en
浏览次数:5828
严重程度:0(网友投票)
绿盟科技给您安全的保障