看好注册表微软Server2003潜伏重大安全缺陷

2022-11-05 09:55作者：佚名来源：本站整理浏览：1894

>受影响的版本：

Windows Server 2003 (Internet Explorer 6.0)

漏洞观察：

Windows Server 2003的这个漏洞会致使远程攻击者篡改注册表"Shell Folders"目录，从而无需任何登陆认证，轻易获得系统文件夹中%USERPROFILE%文件的访问权。

ex.) %USERPROFILE% = "C:/Documents and Settings/%USERNAME%"

详细资料：

远程攻击者篡改Windows Server 2003系统注册表中的"Shell Folders"目录，通过"shell:[Shell Folders]/../" 将本地文件与恶意程序链接。

[Shell Folders]

HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders

AppData: "C:/Documents and Settings/%USERNAME%/Application Data"

Cookies: "C:/Documents and Settings/%USERNAME%/Cookies"

Desktop: "C:/Documents and Settings/%USERNAME%/Desktop"

Favorites: "C:/Documents and Settings/%USERNAME%/Favorites"

NetHood: "C:/Documents and Settings/%USERNAME%/NetHood"

Personal: "C:/Documents and Settings/%USERNAME%/My Documents"

PrintHood: "C:/Documents and Settings/%USERNAME%/PrintHood"

Recent: "C:/Documents and Settings/%USERNAME%/Recent"

SendTo: "C:/Documents and Settings/%USERNAME%/SendTo"

Start Menu: "C:/Documents and Settings/%USERNAME%/Start Menu"

Templates: "C:/Documents and Settings/%USERNAME%/Templates"

Programs: "C:/Documents and Settings/%USERNAME%/Start Menu/Programs"

Startup: "C:/Documents and Settings/%USERNAME%/Start Menu/Programs/Startup"

Local Settings: "C:/Documents and Settings/%USERNAME%/Local Settings"

Local AppData: "C:/Documents and Settings/%USERNAME%/Local Settings/Application Data"

Cache: "C:/Documents and Settings/%USERNAME%/Local Settings/Temporary Internet Files"

History: "C:/Documents and Settings/%USERNAME%/Local Settings/History"

My Pictures: "C:/Documents and Settings/%USERNAME%/My Documents/My Pictures"

Fonts: "C:/WINDOWS/Fonts"

My Music: "C:/Documents and Settings/%USERNAME%/My Documents/My Music"

My Video: "C:/Documents and Settings/%USERNAME%/My Documents/My Videos"

CD Burning: "C:/Documents and Settings/%USERNAME%/Local Settings/Application

Data/Microsoft/CD Burning"

Administrative Tools: "C:/Documents and Settings/%USERNAME%/Start

Menu/Programs/Administrative Tools"

恶意代码示例：

**************************************************

This exploit reads %TEMP%/exploit.html.

You need to create it.

And click on the malicious link.

**************************************************

Malicious link:

Exploit

微软举措：

微软已于2003年6月9日发布了此漏洞公告，计划于下一个版本的windows补丁中添加此漏洞的修补程序。

文章来源：金山毒霸编译