昨天,securityfocus網站有爆出windows smb遠端dos漏洞,漏洞cve編号cve-2017-0280。windows 7\8\10 的多個版本受影響,windows server 2008 /2012/2016多個版本受影響。這個smb爆出的漏洞是真多啊。目前微軟已經釋出更新檔。
bugtraq id:
98273
class:
unknown
cve:
cve-2017-0280
remote:
yes
local:
no
published:
may 09 2017 12:00am
updated:
may 10 2017 01:10am
credit:
msrc vulnerabilities & mitigations and wdg offensive security research team.
vulnerable:
microsoft windows server 2016 0
microsoft windows server 2012 r2 0
microsoft windows server 2012 0
microsoft windows server 2008 r2 for x64-based systems sp1
microsoft windows server 2008 r2 for itanium-based systems sp1
microsoft windows server 2008 for x64-based systems sp2
microsoft windows server 2008 for itanium-based systems sp2
microsoft windows server 2008 for 32-bit systems sp2
microsoft windows rt 8.1
microsoft windows 8.1 for x64-based systems 0
microsoft windows 8.1 for 32-bit systems 0
microsoft windows 7 for x64-based systems sp1
microsoft windows 7 for 32-bit systems sp1
microsoft windows 10 version 1703 for x64-based systems 0
microsoft windows 10 version 1703 for 32-bit systems 0
microsoft windows 10 version 1607 for x64-based systems 0
microsoft windows 10 version 1607 for 32-bit systems 0
microsoft windows 10 version 1511 for x64-based systems 0
microsoft windows 10 version 1511 for 32-bit systems 0
microsoft windows 10 for x64-based systems 0
microsoft windows 10 for 32-bit systems 0
<a href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-0280" target="_blank">在微軟官方通告頁面上,描述如下</a>
當攻擊者向伺服器發送巧盡心思建構的請求時, microsoft 伺服器阻止消息 (smb) 中存在拒絕服務漏洞。利用此漏洞的攻擊者可能會導緻受影響的系統在手動重新啟動之前停止響應。為了嘗試利用此問題, 攻擊者需要向目标系統發送特制的 smb 請求。
請注意, 拒絕服務漏洞不允許攻擊者執行代碼或提升其使用者權限, 但它可能會導緻受影響的系統停止接受請求。安全更新通過更正 smb 處理精心編制的用戶端請求的方式來解決此漏洞。
原文釋出時間:2017年5月10日
本文由:securityfocus釋出,版權歸屬于原作者
原文連結:http://toutiao.secjia.com/new-windows-smb-rdos-cve-2017-0280
本文來自雲栖社群合作夥伴安全加,了解相關資訊可以關注安全加網站