20CN网络安全小组--Internet Explorer的区域欺骗漏洞

　您现在的位置 >> 返回首页

文档发表时间：2002-08-04

Internet Explorer的区域欺骗漏洞 (阅览次)

Internet Explorer的区域欺骗漏洞

翻译：晓澜 <emile_liao@163.net>
　　　QQ: 42449970
　　　http://www.unsecret.org
---------------------------------------------

受影响系统：
Microsoft Internet Explorer 5.0 1
+ Microsoft Windows 2000 Advanced Server
+ Microsoft Windows 2000 Datacenter Server
+ Microsoft Windows 2000 Professional
+ Microsoft Windows 2000 Server
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Windows 2000 Workstation
- Microsoft Windows 2000 Workstation SP1
- Microsoft Windows 2000 Workstation SP2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Windows 2000 Workstation
- Microsoft Windows 2000 Workstation SP1
- Microsoft Windows 2000 Workstation SP2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer 5.5 SP2
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Workstation
- Microsoft Windows 2000 Workstation SP1
- Microsoft Windows 2000 Workstation SP2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Terminal Server 4.0
Microsoft Internet Explorer 5.5 SP1
- Microsoft Windows 2000 Workstation
- Microsoft Windows 2000 Workstation SP1
- Microsoft Windows 2000 Workstation SP2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer 5.5
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 95
- Microsoft Windows 98
+ Microsoft Windows ME
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer 6.0
- Microsoft Windows 2000 Workstation
- Microsoft Windows 2000 Workstation SP1
- Microsoft Windows 2000 Workstation SP2
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a

不受影响系统：无

漏洞描述：

微软发现了一个允许在企业内部网用IE浏览恶意网站的漏洞。
这个权限提升漏洞缘于IE处理通过NETBIOS协议访问网站的请求的一个缺陷，经过构造的网页能够欺骗IE，从而被认为是信任站点而被允许访问。

利用方法：

暂无

解决方法：
微软已经发布如下的补丁来解决这个问题。
Microsoft Internet Explorer 5.0 1:
Microsoft Internet Explorer 5.0.1 SP2:
Microsoft Patch q321232
http://download.microsoft.com/download/ie501sp2/secpac27/5.01_sp2/NT45/EN-US/q321232.exe
Windows NT and Windows 2000
Microsoft Internet Explorer 5.0.1 SP1:
Microsoft Internet Explorer 5.5 SP2:
Microsoft Patch q321232
http://download.microsoft.com/download/ie55sp2/secpac27/5.5_sp2/W98NT42KMe/EN-US/q321232.exe
Microsoft Internet Explorer 5.5 SP1:
Microsoft Patch q321232
http://download.microsoft.com/download/ie55sp1/secpac27/5.5_sp1/W98NT42KMe/EN-US/q321232.exe
Microsoft Internet Explorer 5.5:
Microsoft Internet Explorer 6.0:
Microsoft Patch q321232
http://download.microsoft.com/download/IE60/secpac27/6/W98NT42KMeXP/EN-US/q321232.exe

参考：
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-023.asp