|
 | 作者: pula [pula]
 论坛用户 |
登录 |
| 发布日期:2004-07-13 更新日期:2004-07-15 受影响系统: Microsoft Windows NT 4.0SP6a Microsoft Windows 2000SP4 Microsoft Windows 2000SP3 Microsoft Windows 2000SP2 描述: -------------------------------------------------------------------------------- CVE(CAN) ID: CAN-2004-0210 Microsoft Windows是一款商业视窗操作系统。 Microsoft Windows POSIX子系统存在权限提升问题,本地攻击者可以利用这个漏洞完全控制整个系统。 目前没有详细漏洞细节提供。 <*来源:Rafal Wojtczuk 链接:http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx *> 建议: -------------------------------------------------------------------------------- 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: * 可根据如下文章关闭POSIX子系统: http://support.microsoft.com/default.aspx?scid=kb;en-us;101270 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS04-020)以及相应补丁: MS04-020:Vulnerability in POSIX Could Allow Code Execution (841872) 链接:http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx 补丁下载: Microsoft Windows NT? Workstation 4.0 Service Pack 6a http://www.microsoft.com/downloads/details.aspx?FamilyId=25993F70-191B-4E35-AA1B-0AA1A7027880&displaylang=en Microsoft Windows NT Server 4.0 Service Pack 6a http://www.microsoft.com/downloads/details.aspx?FamilyId=C2018A81-446C-4930-A6CC-EA5B5960FF05&displaylang=en Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 http://www.microsoft.com/downloads/details.aspx?FamilyId=9CFC4AF3-B0BC-4798-BC23-F45739E3B802&displaylang=en Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=9CFC4AF3-B0BC-4798-BC23-F45739E3B802&displaylang=en 作者: 不详 转自: 银色巢穴 |
| 地主 发表时间: 04-07-25 13:31 |
 | 回复: hackerjune [hackerjune]  论坛用户 |
登录 |
|
很早就看过了啊! |
| B1层 发表时间: 04-08-26 08:53 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 黑客进阶 标题: MicrosoftPOSIX本地权限提升(MS04-020)[转载]