Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20475
HistoryApr 15, 2011 - 12:00 a.m.

Microsoft Windows SMB客户端远程代码执行漏洞(MS11-019)

2011-04-1500:00:00
Root
www.seebug.org
27

0.501 Medium

EPSS

Percentile

97.2%

JSON

BUGTRAQ ID: 47239
CVE ID: CVE-2011-0660

Windows是微软公司开发的流行操作系统。

Microsoft Windows SMB客户端在实现上存在远程代码执行漏洞,远程攻击者可利用此漏洞以完全用户权限在应用程序中执行任意代码,完全控制受影响系统,造成拒绝服务。

Microsoft SMB客户端验证特制的SMB响应时存在未验证远程代码执行漏洞,无需验证即可利用此漏洞。攻击者通过发送客户端SMB请求的特制SMB响应即可利用此漏洞。成功利用可执行任意代码和完全控制受影响系统。然后攻击者即可安装程序;查看、更改或删除数据;或以完全用户权限创建新帐户。

Microsoft Windows XP Professional
Microsoft Windows XP Home Edition
Microsoft Windows Vista
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows 7
临时解决方法:

  • 在防火墙禁止TCP端口139和445

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS11-019)以及相应补丁:

MS11-019:Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)

链接:http://www.microsoft.com/technet/security/bulletin/MS11-019.asp

Related

checkpoint_advisories 1
cve 1
prion 1
openvas 2
nessus 1
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Microsoft SMB Client Crafted Response Parsing Code Execution (MS11-019; CVE-2011-0660)
2011-04-10 00:00:00
cve
cve
CVE-2011-0660
2011-04-13 18:55:00
prion
prion
Design/Logic Flaw
2011-04-13 18:55:00
openvas
openvas
Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
2011-04-13 00:00:00
Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
2011-04-13 00:00:00
nessus
nessus
MS11-019: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)
2011-04-13 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2011-04-17 00:00:00

0.501 Medium

EPSS

Percentile

97.2%

JSON
Related for SSV:20475
checkpoint_advisories1cve1prion1openvas2nessus1securityvulns1