Lucene search
RootSSV:4664HistoryJan 15, 2009 - 12:00 a.m.
Microsoft Windows SMB NT Trans请求缓冲区溢出漏洞(MS09-001)
2009-01-1500:00:00
Root
www.seebug.org
43
0.922 High
EPSS
Percentile
98.7%
BUGTRAQ ID: 33121
CVE(CAN) ID: CVE-2008-4834
Windows是微软发布的非常流行的操作系统。
Microsoft服务器消息块(SMB)协议软件处理特制SMB数据包的方式存在缓冲区溢出漏洞,未经认证的远程攻击者可以在NT Trans请求中指定畸形的值导致内核忙碌,必须重启系统才能恢复操作。利用此漏洞的大多数尝试会导致系统拒绝服务,但是远程执行代码在理论上是可行的。
Microsoft Windows XP SP3
Microsoft Windows XP SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 2000SP4
临时解决方法:
- 在防火墙处阻止TCP 139和445端口。
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS09-001)以及相应补丁:
MS09-001:Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
链接:<a href=“http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx?pf=true” target=“_blank”>http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx?pf=true</a>
Related
checkpoint_advisories
checkpoint_advisories
zdi
zdi
Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability
2009-01-13 00:00:00
cve
cve
CVE-2008-4834
2009-01-14 22:30:00
prion
prion
Remote code execution
2009-01-14 22:30:00
securityvulns
securityvulns
ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability
2009-01-13 00:00:00
Microsoft Windows SMB multiple security vulnerabilities
2009-01-14 00:00:00
openvas
openvas
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
2009-01-14 00:00:00
Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote
2010-03-18 00:00:00
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
2009-01-14 00:00:00
nessus
nessus
MS09-001: Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
2009-01-13 00:00:00