分类

首页 > 软件资讯 > 应用教程 > 正文

看好注册表微软Server2003潜伏重大安全缺陷

作者:小黑游戏   来源:本站整理   时间:2022-11-05 09:55

>受影响的版本:

Windows Server 2003 (Internet Explorer 6.0)

漏洞观察:

Windows Server 2003的这个漏洞会致使远程攻击者篡改注册表"Shell Folders"目录,从而无需任何登陆认证,轻易获得系统文件夹中%USERPROFILE%文件的访问权。

ex.) %USERPROFILE% = "C:/Documents and Settings/%USERNAME%"

详细资料:

远程攻击者篡改Windows Server 2003系统注册表中的"Shell Folders"目录,通过"shell:[Shell Folders]/../" 将本地文件与恶意程序链接。

[Shell Folders]

HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders

AppData: "C:/Documents and Settings/%USERNAME%/Application Data"

Cookies: "C:/Documents and Settings/%USERNAME%/Cookies"

Desktop: "C:/Documents and Settings/%USERNAME%/Desktop"

Favorites: "C:/Documents and Settings/%USERNAME%/Favorites"

NetHood: "C:/Documents and Settings/%USERNAME%/NetHood"

Personal: "C:/Documents and Settings/%USERNAME%/My Documents"

PrintHood: "C:/Documents and Settings/%USERNAME%/PrintHood"

Recent: "C:/Documents and Settings/%USERNAME%/Recent"

SendTo: "C:/Documents and Settings/%USERNAME%/SendTo"

Start Menu: "C:/Documents and Settings/%USERNAME%/Start Menu"

Templates: "C:/Documents and Settings/%USERNAME%/Templates"

Programs: "C:/Documents and Settings/%USERNAME%/Start Menu/Programs"

Startup: "C:/Documents and Settings/%USERNAME%/Start Menu/Programs/Startup"

Local Settings: "C:/Documents and Settings/%USERNAME%/Local Settings"

Local AppData: "C:/Documents and Settings/%USERNAME%/Local Settings/Application Data"

Cache: "C:/Documents and Settings/%USERNAME%/Local Settings/Temporary Internet Files"

History: "C:/Documents and Settings/%USERNAME%/Local Settings/History"

My Pictures: "C:/Documents and Settings/%USERNAME%/My Documents/My Pictures"

Fonts: "C:/WINDOWS/Fonts"

My Music: "C:/Documents and Settings/%USERNAME%/My Documents/My Music"

My Video: "C:/Documents and Settings/%USERNAME%/My Documents/My Videos"

CD Burning: "C:/Documents and Settings/%USERNAME%/Local Settings/Application

Data/Microsoft/CD Burning"

Administrative Tools: "C:/Documents and Settings/%USERNAME%/Start

Menu/Programs/Administrative Tools"

恶意代码示例:

**************************************************

This exploit reads %TEMP%/exploit.html.

You need to create it.

And click on the malicious link.

**************************************************

Malicious link:

Exploit

微软举措:

微软已于2003年6月9日发布了此漏洞公告,计划于下一个版本的windows补丁中添加此漏洞的修补程序。

文章来源:金山毒霸编译

Tags:

相关文章

相关下载

猜你喜欢

阅读排行

网友评论

我要跟帖
取消
声明:评论内容只代表网友观点,与本站立场无关!