Microsoft Windows辅助工具管理器权限提升漏洞

发布时间：2003-07-09
更新时间：2003-07-09
严重程度：高
威胁程度：本地管理员权限
错误类型：输入验证错误
利用方式：服务器模式

BUGTRAQ ID：8154
CVE(CAN) ID：CAN-2003-0350

受影响系统

Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server

未影响系统

Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4

详细描述
Microsoft Windows 2000的辅助工具管理器以系统权限运行但没有对发给它的Windows消息做充分的验证及过滤，本地攻击者可能利用此漏洞以系统权限执行任意指令，提升自己在系统中的权限。

解决方案
厂商已经在最新的补丁包中修补了此漏洞：

Microsoft Windows 2000 Professional SP3:
     Microsoft Patch Windows2000-KB822679-x86-ENU.exe
     http://microsoft.com/downloads/details.aspx?FamilyId=D415A4AC-E13A-
     4E8A-BE25-85E7DF686F61&displaylang=en
Microsoft Windows 2000 Server SP3:
     Microsoft Patch Windows2000-KB822679-x86-ENU.exe
     http://microsoft.com/downloads/details.aspx?FamilyId=D415A4AC-E13A-
     4E8A-BE25-85E7DF686F61&displaylang=en
Microsoft Windows 2000 Advanced Server SP3:
     Microsoft Patch Windows2000-KB822679-x86-ENU.exe
     http://microsoft.com/downloads/details.aspx?FamilyId=D415A4AC-E13A-
     4E8A-BE25-85E7DF686F61&displaylang=en

相关信息
Microsoft Utility Manager Local Privilege Escalation
http://archives.neohapsis.com/archives/bugtraq/2003-07/0116.html

Microsoft Security Bulletin MS03-025
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-025.asp

最近严重漏洞

Microsoft Windows辅助工具管理器权限提升漏洞