安全研究
安全漏洞
Microsoft DirectX DirectPlay远程畸形包拒绝服务漏洞(MS04-016)
发布日期:2004-06-08
更新日期:2004-06-14
受影响系统:
Microsoft DirectX 9.0 b不受影响系统:
Microsoft DirectX 8.2
Microsoft DirectX 8.1 b
Microsoft DirectX 8.1 a
Microsoft DirectX 8.1
Microsoft DirectX 8.0 a
Microsoft DirectX 8.0
Microsoft DirectX 7.1
Microsoft DirectX 7.0 a
Microsoft DirectX 7.0
Microsoft DirectX 9.0 a
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home
- Microsoft Windows XP 64-bit Edition SP1
- Microsoft Windows XP 64-bit Edition
- Microsoft Windows ME
- Microsoft Windows 2003 Web Edition
- Microsoft Windows 2003 Standard Edition
- Microsoft Windows 2003 Enterprise Edition 64-bit
- Microsoft Windows 2003 Enterprise Edition
- Microsoft Windows 2003 Datacenter Edition 64-bit
- Microsoft Windows 2000 Server SP4
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Datacenter Server SP3
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Advanced Server SP3
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
Microsoft DirectX 6.1描述:
Microsoft DirectX 5.2
BUGTRAQ ID: 10487
CVE(CAN) ID: CVE-2004-0202
DirectX是Windows操作系统下的多媒体系统链接库。
Microsoft DirectX DirectPlay由于不正确处理畸形网络数据,远程攻击者可以利用这个漏洞对链接的应用程序进行拒绝服务攻击。
Microsoft DirectPlay的IDirectPlay4应用编程接口存在拒绝服务问题,此API一般处理基于网络的多人游戏,攻击者利用此问题可导致应用程序崩溃,目前没有详细漏洞细节提供。
<*来源:John Lampe (jwlampe@nessus.org)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-016.mspx
*>
建议:
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS04-016)以及相应补丁:
MS04-016:Vulnerability in DirectPlay Could Allow Denial of Service (839643)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-016.mspx
补丁下载:
Microsoft Windows 2000 Professional SP4:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows 2000 Server SP4:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows 2000 Professional SP3:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows 2000 Server SP3:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows 2000 Professional SP2:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows 2000 Server SP2:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft Windows XP Home SP1:
Microsoft Patch Security Update for Windows XP (KB839643)
http://download.microsoft.com/download/1/e/5/1e5d946b-3ee9-4c6a-b364-0eb45aef8146/WindowsXP-KB839643-x86-ENU.EXE
Microsoft Windows XP Professional SP1:
Microsoft Patch Security Update for Windows XP (KB839643)
http://download.microsoft.com/download/1/e/5/1e5d946b-3ee9-4c6a-b364-0eb45aef8146/WindowsXP-KB839643-x86-ENU.EXE
Microsoft Windows XP 64-bit Edition SP1:
Microsoft Patch Security Update for Windows XP 64-bit Edition (KB839643)
http://download.microsoft.com/download/9/e/9/9e91475c-102d-4291-bc68-51d3edb654e7/WindowsXP-KB839643-ia64-ENU.EXE
Microsoft Windows XP 64-bit Edition Version 2003 SP1:
Microsoft Patch Security Update for Windows Server 2003 64 Bit Ed. and Windows XP 64 Bit Ed. V.2003 (KB839643)
http://download.microsoft.com/download/e/b/3/eb34a668-6145-4842-8873-5b4f33ecc929/WindowsServer2003-KB839643-IA64-ENU.EXE
Microsoft Windows Server 2003 Standard Edition :
Microsoft Patch Security Update for Windows Server 2003 (KB839643)
http://download.microsoft.com/download/3/a/9/3a996897-848d-479d-933f-f7f13776db02/WindowsServer2003-KB839643-x86-ENU.EXE
Microsoft Windows Server 2003 Enterprise Edition :
Microsoft Patch Security Update for Windows Server 2003 (KB839643)
http://download.microsoft.com/download/3/a/9/3a996897-848d-479d-933f-f7f13776db02/WindowsServer2003-KB839643-x86-ENU.EXE
Microsoft Windows Server 2003 Datacenter Edition :
Microsoft Patch Security Update for Windows Server 2003 (KB839643)
http://download.microsoft.com/download/3/a/9/3a996897-848d-479d-933f-f7f13776db02/WindowsServer2003-KB839643-x86-ENU.EXE
Microsoft Windows Server 2003 Web Edition :
Microsoft Patch Security Update for Windows Server 2003 (KB839643)
http://download.microsoft.com/download/3/a/9/3a996897-848d-479d-933f-f7f13776db02/WindowsServer2003-KB839643-x86-ENU.EXE
Microsoft Windows Server 2003 Enterprise Edition 64-bit :
Microsoft Patch Security Update for Windows Server 2003 64 Bit Ed. and Windows XP 64 Bit Ed. V.2003 (KB839643)
http://download.microsoft.com/download/e/b/3/eb34a668-6145-4842-8873-5b4f33ecc929/WindowsServer2003-KB839643-IA64-ENU.EXE
Microsoft Windows Server 2003 Datacenter Edition 64-bit :
Microsoft Patch Security Update for Windows Server 2003 64 Bit Ed. and Windows XP 64 Bit Ed. V.2003 (KB839643)
http://download.microsoft.com/download/e/b/3/eb34a668-6145-4842-8873-5b4f33ecc929/WindowsServer2003-KB839643-IA64-ENU.EXE
Microsoft Windows XP 64-bit Edition Version 2003 :
Microsoft Patch Security Update for Windows Server 2003 64 Bit Ed. and Windows XP 64 Bit Ed. V.2003 (KB839643)
http://download.microsoft.com/download/e/b/3/eb34a668-6145-4842-8873-5b4f33ecc929/WindowsServer2003-KB839643-IA64-ENU.EXE
Microsoft Windows XP Professional :
Microsoft Patch Security Update for Windows XP (KB839643)
http://download.microsoft.com/download/1/e/5/1e5d946b-3ee9-4c6a-b364-0eb45aef8146/WindowsXP-KB839643-x86-ENU.EXE
Microsoft Windows XP Home :
Microsoft Patch Security Update for Windows XP (KB839643)
http://download.microsoft.com/download/1/e/5/1e5d946b-3ee9-4c6a-b364-0eb45aef8146/WindowsXP-KB839643-x86-ENU.EXE
Microsoft Windows XP 64-bit Edition :
Microsoft Patch Security Update for Windows XP 64-bit Edition (KB839643)
http://download.microsoft.com/download/9/e/9/9e91475c-102d-4291-bc68-51d3edb654e7/WindowsXP-KB839643-ia64-ENU.EXE
Microsoft DirectX 7.0:
Microsoft Patch Security Update for DirectX 7.0 (KB839643)
http://download.microsoft.com/download/7/c/2/7c25145d-5c6d-4408-b2c2-56bbab0d8335/Windows2000-KB839643-x86-ENU.EXE
It should be noted that this fix targets Windows 2000:
Microsoft DirectX 8.0 a:
Microsoft Patch Update for the IDirectPlay4 API of Microsoft DirectX 8.0x (DirectPlay) (KB839643)
http://download.microsoft.com/download/7/8/7/7871f202-2396-454c-bc76-b9665b079891/DirectX80-KB839643-x86-ENU.EXE
Microsoft DirectX 8.0:
Microsoft Patch Update for the IDirectPlay4 API of Microsoft DirectX 8.0x (DirectPlay) (KB839643)
http://download.microsoft.com/download/7/8/7/7871f202-2396-454c-bc76-b9665b079891/DirectX80-KB839643-x86-ENU.EXE
Microsoft DirectX 8.1 b:
Microsoft Patch KB839643 - Update for the IDirectPlay4 API of Microsoft DirectPlay.
http://download.microsoft.com/download/1/9/5/195fbc86-be68-419f-a3af-e485ceaf39f1/DirectX81-KB839643-x86-ENU.EXE
Microsoft DirectX 8.1 a:
Microsoft Patch KB839643 - Update for the IDirectPlay4 API of Microsoft DirectPlay.
http://download.microsoft.com/download/1/9/5/195fbc86-be68-419f-a3af-e485ceaf39f1/DirectX81-KB839643-x86-ENU.EXE
Microsoft DirectX 8.1:
Microsoft Patch KB839643 - Update for the IDirectPlay4 API of Microsoft DirectPlay.
http://download.microsoft.com/download/1/9/5/195fbc86-be68-419f-a3af-e485ceaf39f1/DirectX81-KB839643-x86-ENU.EXE
Microsoft DirectX 8.2:
Microsoft Patch Update for the IDirectPlay4 API of Microsoft for DirectX 8.2 (DirectPlay) (KB839643)
http://download.microsoft.com/download/e/3/f/e3f2f45d-0915-47d3-8e86-3404a558c2ba/DirectX82-KB839643-x86-ENU.EXE
Microsoft DirectX 9.0 b:
Microsoft Patch Update for the IDirectPlay4 API of Microsoft for DirectX 9.0x (DirectPlay) (KB839643)
http://download.microsoft.com/download/5/8/4/584e3b1c-37ed-4845-8c04-232858b468e9/DirectX90-KB839643-x86-ENU.EXE
Microsoft DirectX 9.0 a:
Microsoft Patch Update for the IDirectPlay4 API of Microsoft for DirectX 9.0x (DirectPlay) (KB839643)
http://download.microsoft.com/download/5/8/4/584e3b1c-37ed-4845-8c04-232858b468e9/DirectX90-KB839643-x86-ENU.EXE
浏览次数:3820
严重程度:0(网友投票)
绿盟科技给您安全的保障