http://www.microsoft.com/technet/security/Bulletin/MS09-001.mspx
SMB Buffer Overflow Remote Code Execution Vulnerability – CVE-2008-4834
An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could take complete control of the system. Most attempts to exploit this vulnerability would result in a system denial of service condition, however remote code execution is theoretically possible.
To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-4834.
Mitigating Factors for SMB Buffer Overflow Remote Code Execution Vulnerability – CVE-2008-4834
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:
• Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the SMB ports should be blocked from the Internet.
• Windows Vista and Windows Server 2008 are not affected by this vulnerability.
C:\Documents and Settings\YangQian>net config srv
服务器名称 \\Q-Y080009
服务器注释
软件版本 Windows 2002
服务器正运行于
NetbiosSmb (000000000000)
NetBT_Tcpip_{1BD7CD5C-A952-4515-9611-4C67BD11721F} (005056c00008)
NetBT_Tcpip_{D5B635CA-9EDF-4315-A7DC-B93C74C38171} (001c23fe8e3e)
NetBT_Tcpip_{668D0EA2-FA88-480E-9C3F-C6C56EFD12E6} (005056c00001)
NetBT_Tcpip_{B93EE28F-A872-4ACA-BDC5-19E02DDB114B} (00ffb93ee28f)
服务器已隐藏 No
登录的用户数量上限 10
每个会话打开的文件数量上限 16384
空闲的会话时间 (分) 15
命令成功完成。
本文还暂无回复