加入收藏 | 设为首页 | 会员中心 | 我要投稿 核心网 (https://www.hxwgxz.com/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 编程 > 正文

看好注册表微软Server2003潜伏重大安全缺陷

发布时间:2019-06-17 07:34:54 所属栏目:编程 来源:蓝点
导读:受影响的版本: Windows Server 2003 (Internet Explorer 6.0) 漏洞观察: Windows Server 2003的这个漏洞会致使远程攻击者篡改注册表Shell Folders目录,从而无需任何登陆认证,轻易获得系统文件夹中%USERPROFILE%文件的访问权。 ex.) %USERPROFILE% = C:

>受影响的版本:

Windows Server 2003 (Internet Explorer 6.0)

漏洞观察:

Windows Server 2003的这个漏洞会致使远程攻击者篡改注册表"Shell Folders"目录,从而无需任何登陆认证,轻易获得系统文件夹中%USERPROFILE%文件的访问权。

ex.) %USERPROFILE% = "C:Documents and Settings%USERNAME%"

详细资料:

远程攻击者篡改Windows Server 2003系统注册表中的"Shell Folders"目录,通过"shell:[Shell Folders].." 将本地文件与恶意程序链接。

[Shell Folders]

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerShell Folders

AppData: "C:Documents and Settings%USERNAME%Application Data"

Cookies: "C:Documents and Settings%USERNAME%Cookies"

Desktop: "C:Documents and Settings%USERNAME%Desktop"

Favorites: "C:Documents and Settings%USERNAME%Favorites"

NetHood: "C:Documents and Settings%USERNAME%NetHood"

Personal: "C:Documents and Settings%USERNAME%My Documents"

PrintHood: "C:Documents and Settings%USERNAME%PrintHood"

Recent: "C:Documents and Settings%USERNAME%Recent"

SendTo: "C:Documents and Settings%USERNAME%SendTo"

Start Menu: "C:Documents and Settings%USERNAME%Start Menu"

Templates: "C:Documents and Settings%USERNAME%Templates"

Programs: "C:Documents and Settings%USERNAME%Start MenuPrograms"

Startup: "C:Documents and Settings%USERNAME%Start MenuProgramsStartup"

Local Settings: "C:Documents and Settings%USERNAME%Local Settings"

Local AppData: "C:Documents and Settings%USERNAME%Local SettingsApplication Data"

Cache: "C:Documents and Settings%USERNAME%Local SettingsTemporary Internet Files"

History: "C:Documents and Settings%USERNAME%Local SettingsHistory"

My Pictures: "C:Documents and Settings%USERNAME%My DocumentsMy Pictures"

Fonts: "C:WINDOWSFonts"

My Music: "C:Documents and Settings%USERNAME%My DocumentsMy Music"

My Video: "C:Documents and Settings%USERNAME%My DocumentsMy Videos"

CD Burning: "C:Documents and Settings%USERNAME%Local SettingsApplication

DataMicrosoftCD Burning"

Administrative Tools: "C:Documents and Settings%USERNAME%Start

MenuProgramsAdministrative Tools"

恶意代码示例:

**************************************************

This exploit reads %TEMP%exploit.html.

You need to create it.

And click on the malicious link.

**************************************************

Malicious link:

Exploit

微软举措:

微软已于2003年6月9日发布了此漏洞公告,计划于下一个版本的windows补丁中添加此漏洞的修补程序。

文章来源:金山毒霸编译

(编辑:核心网)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
    相关内容
      推荐文章
      站长推荐
      热点阅读

        【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

        建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的最佳浏览效果

        Copygight © 2008-2022 https://www.hxwgxz.com/ All Rights Reserved. 核心网