>受影响的版本:
Windows Server 2003 (Internet Explorer 6.0)
裂痕调查:
Windows Server 2003的这个裂痕会致使长途进攻者改动注册表"Shell Folders"目次,从而无需任何登岸认证,等闲得到体系文件夹中%USERPROFILE%文件的会见权。
ex.) %USERPROFILE% = "C:Documents and Settings%USERNAME%"
具体资料:
长途进攻者改动Windows Server 2003体系注册表中的"Shell Folders"目次,通过"shell:[Shell Folders].." 将当地文件与恶意措施链接。
[Shell Folders]
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerShell Folders
AppData: "C:Documents and Settings%USERNAME%Application Data"
Cookies: "C:Documents and Settings%USERNAME%Cookies"
Desktop: "C:Documents and Settings%USERNAME%Desktop"
Favorites: "C:Documents and Settings%USERNAME%Favorites"
NetHood: "C:Documents and Settings%USERNAME%NetHood"
Personal: "C:Documents and Settings%USERNAME%My Documents"
PrintHood: "C:Documents and Settings%USERNAME%PrintHood"
Recent: "C:Documents and Settings%USERNAME%Recent"
SendTo: "C:Documents and Settings%USERNAME%SendTo"
Start Menu: "C:Documents and Settings%USERNAME%Start Menu"
Templates: "C:Documents and Settings%USERNAME%Templates"
Programs: "C:Documents and Settings%USERNAME%Start MenuPrograms"
Startup: "C:Documents and Settings%USERNAME%Start MenuProgramsStartup"
Local Settings: "C:Documents and Settings%USERNAME%Local Settings"
Local AppData: "C:Documents and Settings%USERNAME%Local SettingsApplication Data"
Cache: "C:Documents and Settings%USERNAME%Local SettingsTemporary Internet Files"
History: "C:Documents and Settings%USERNAME%Local SettingsHistory"
My Pictures: "C:Documents and Settings%USERNAME%My DocumentsMy Pictures"
Fonts: "C:WINDOWSFonts"
My Music: "C:Documents and Settings%USERNAME%My DocumentsMy Music"
My Video: "C:Documents and Settings%USERNAME%My DocumentsMy Videos"
CD Burning: "C:Documents and Settings%USERNAME%Local SettingsApplication
DataMicrosoftCD Burning"
Administrative Tools: "C:Documents and Settings%USERNAME%Start
MenuProgramsAdministrative Tools"
恶意代码示例:
**************************************************
This exploit reads %TEMP%exploit.html.
You need to create it.
And click on the malicious link.
**************************************************
Malicious link:
Exploit
微软设施:
微软已于2003年6月9日宣布了此裂痕通告,打算于下一个版本的windows补丁中添加此裂痕的修补措施。
文章来历:金山毒霸编译 (编辑:河北网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|