|
|
Microsoft SQL Server JET Database Engine 4.0远程缓冲区溢出漏洞
发布时间:2003-07-09
更新时间:2003-07-15
严重程度:高
威胁程度:远程管理员权限
错误类型:边界检查错误
利用方式:服务器模式
BUGTRAQ ID:7541
受影响系统Microsoft Data Engine 1.0
+Affymetrix Microarray Suite Software 5.0
+Affymetrix Microarray Suite Software 5.0.1
+Altiris Deployment Server 5.0.1
+Altiris Deployment Server 5.5
+BlackBerry Enterprise Server 2.0 .0.65
+Centennial UK Ltd Centennial Discovery 4.4
+Compaq Insight Manager 7.0
+Compaq Insight Manager 7.0 SP1
+Gerber Technology WebPDM 3.9
+McAfee ePolicy Orchestrator 1.0
+McAfee ePolicy Orchestrator 1.1
+McAfee ePolicy Orchestrator 2.0
+McAfee ePolicy Orchestrator 2.5
+McAfee ePolicy Orchestrator 2.5 SP1
-Microsoft Access 2000
-Microsoft Project Central Server
+Microsoft SharePoint Team Services
-Microsoft Visual Studio 6.0
+PowerQuest ControlCenter ST 2.0
+PPM 2000 Incident Reporting and Investigation Management
+Trend Micro Control Manager 2.5
+Trend Micro Damage Cleanup Server 1.0
+Vital Processing Services, LLC POS-partner 2000 4.1.11
+Vital Processing Services, LLC POS-partner 2000 5.0.13
+Websense Reporter 6.3.1
Microsoft Data Engine 2000
+Akiva WebBoard 6.1
+BindView bv-Admin for Microsoft Exchange
+BindView bv-Admin for Windows 7.0
+BindView bv-Admin for Windows Migration
+BindView bv-control for Active Directory 7.0.2
+BindView bv-Control for Internet Security 7.0.1
+BindView bv-Control for Microsoft Exchange 7.0
+BindView bv-Control for Microsoft SQL Server 7.0
+BindView bv-Control for Microsoft SQL Server 7.0.1
+BindView bv-Control for Windows 7.0.2
+CARI-RUSCO Secure Perfect 3.0
+CCH Equity Compliance Insider Reporting Module
+Collins Medical Plus 2000
+Computer Associates Unicenter
+Computer Associates Unicenter RC/Update 6.0
+Computer Associates Unicenter RC/Update 6.1
+CSIRO BioLink Software 1.5
+DATA.TXT Corporation Time Matters 3.0
+DATA.TXT Corporation Time Matters 4.0
+Dell OpenManage IT Assistant 5.0
+Dell OpenManage IT Assistant 6.0
+Express Metrix Express Software Manager 5.0
+Express Metrix Express Software Manager 6.0
+Express Metrix Express Software Manager 6.0.1
+Express Metrix Express Software Manager 6.0.2
+Fluke Networks Optiview Network Inspector 5.0
+HP Openview Internet Services 4.0
+HP Openview Internet Services 4.5
+HP Openview Operations for Windows 6.0
+HP Openview Operations for Windows 7.0
+HP Openview Operations for Windows 7.1
+HP Openview Reporter 2.0.2
+HP Openview Reporter 3.0
+ISI Infortel for Windows 4.0
+ISI Infortel for Windows 5.1
+ISI Infortel for Windows 5.2
+ISI Infortel for Windows 5.4
+Journyx Timesheet 2.0
+Journyx Timesheet 4.5
+Journyx Timesheet 4.5 m2
+Journyx Timesheet 4.5 m3
+Journyx Timesheet 4.6
+Journyx Timesheet 5.0
+Microsoft .NET Framework 1.0
+Microsoft .NET Framework 1.0 SP1
+Microsoft .NET Framework 1.1
+Microsoft .NET Framework SDK 1.0
+Microsoft Application Center 2000
+Microsoft Biztalk Server 2002 Partner Edition
+Microsoft FrontPage 2000 Server Extensions SR 1.0
+Microsoft FrontPage 2000 Server Extensions SR 1.1
+Microsoft FrontPage 2000 Server Extensions SR 1.2
+Microsoft FrontPage 2000 Server Extensions SR 1.3
+Microsoft Great Plains 5.0
+Microsoft Great Plains 5.5
+Microsoft Great Plains 5.5.1
+Microsoft Great Plains 7.0
+Microsoft Office 2000
+Microsoft Office 2000 SP2
+Microsoft Office 2000 SP2
+Microsoft Office 2000 SR1
+Microsoft Office 2000 Chinese Version
+Microsoft Office 2000 Japanese Version
+Microsoft Office 2000 Korean Version
+Microsoft Office XP
+Microsoft Office XP SP1
+Microsoft Office XP Developer Edition
+Microsoft Project Central Server
+Microsoft SharePoint Portal Server 2001
+Microsoft SharePoint Portal Server 2001 SP1
+Microsoft SharePoint Team Services
+Microsoft SQL Server 2000
+Microsoft SQL Server 2000 SP1
+Microsoft SQL Server 2000 SP2
+Microsoft SQL Server 2000 SP3
+Microsoft Visio 2000 Enterprise Edition
+Microsoft Visio Enterprise Network Tools
+Microsoft Visual FoxPro 6.0
+Microsoft Visual FoxPro 7.0
+Microsoft Visual FoxPro 7.0 SP1
+Microsoft Visual Studio .NET Academic Edition
+Microsoft Visual Studio .NET Enterprise Architect Editio
+Microsoft Visual Studio .NET Enterprise Developer Editio
+Microsoft Visual Studio .NET Professional Edition
+Microsoft Visual Studio .NET Trial Edition
+Microsoft Windows Server 2003 Standard Edition
+Microsoft Windows XP Embedded
+Microsoft Windows XP Embedded SP1
+MIP NonProfit Series Pro 4.3
+MIP NonProfit Series Pro 4.4
+MIP NonProfit Series Pro 4.5
+NetSupport NetSupport TCO 4.5
+NetSupport NetSupport TCO 4.5.1
+Network Associates SupportMagic SQL 4.5
+Okena StormWatch
+Peachtree Software Timeslips 6.0
+Peachtree Software Timeslips 7.0
+Peachtree Software Timeslips 8.0
+Peachtree Software Timeslips 9.0
+Peachtree Software Timeslips 9.0
+Peachtree Software Timeslips 10.0
+Peachtree Software Timeslips 11.0
+QiNetix CommVault Galaxy 4.0.1
+SalesLogix Corporation SalesLogix 2000.0
+SmartMax Software MailMax 5.0
+TeleStream FlipFactory 1.2
+TeleStream FlipFactory 2.0
+TeleStream FlipFactory 3.0
+Veritas Software Backup Exec 9.0
+VIGILANTe SecureScan NX 2.5
+Visionary Systems Firehouse Software 3.0.5
+Visionary Systems Firehouse Software 5.0
+Visionary Systems Firehouse Software 5.0.2 5
+Visionary Systems Firehouse Software 5.4
+Wonderware InTouch 7.11
+Xerox CentreWare Web 1.0
Microsoft JET 4.0 SP6
Microsoft JET 4.0 SP5
Microsoft JET 4.0 SP4
Microsoft JET 4.0 SP3
Microsoft JET 4.0 SP2
Microsoft JET 4.0 SP1
Microsoft JET 4.0
+Microsoft Access 2000
Microsoft SQL Server 7.0 SP4
-Microsoft SQL Server 7.0
Microsoft SQL Server 7.0 SP3
-Microsoft SQL Server 7.0
Microsoft SQL Server 7.0 SP2
-Microsoft SQL Server 7.0
Microsoft SQL Server 7.0 SP1
-Microsoft SQL Server 7.0
Microsoft SQL Server 7.0
-Microsoft BackOffice 4.5
-Microsoft Windows NT 4.0
-Microsoft Windows NT 4.0 SP1
-Microsoft Windows NT 4.0 SP2
-Microsoft Windows NT 4.0 SP3
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
Microsoft SQL Server 2000 SP3
Microsoft SQL Server 2000 SP2
Microsoft SQL Server 2000 SP1
-Microsoft Windows 2000 Workstation
-Microsoft Windows 2000 Workstation SP1
-Microsoft Windows 2000 Workstation SP2
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
Microsoft SQL Server 2000
-Microsoft Windows 2000 Workstation
-Microsoft Windows 2000 Workstation SP1
-Microsoft Windows 2000 Workstation SP2
-Microsoft Windows NT 4.0
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a 未影响系统Microsoft JET 4.0 SP7 详细描述
Microsoft SQL Server存在缓冲区溢出漏洞,此漏洞可以通过Jet Database Engine利用,JET 4.0 OLE DB对远程来源的heterogeneous或ad hoc方法参数长度没有做充分的检查就用于查询数据库,导致数据库溢出。
测试代码
select * from openrowset('microsoft.jet.oledb.4.0','c:\anydatabase.mdb';'admin';'','select XXX...()')
或
select * from Openquery(SomeJet40LinkedServer,'Select XXX...()')
这儿“XXX”必须超过276字节。
解决方案
Chip Andrews <chip@sqlsecurity.com>建议删除如下的注册表键值以禁止
Jet OLE DB provider:
[HKEY_CLASSES_ROOT\Microsoft.Jet.OLEDB.4.0]
@="Microsoft.Jet.OLEDB.4.0"
[HKEY_CLASSES_ROOT\Microsoft.Jet.OLEDB.4.0\CLSID]
@="{dee35070-506b-11cf-b1aa-00aa00b8de95}"
[HKEY_CLASSES_ROOT\Microsoft.Jet.OLEDB.3.51]
@="Microsoft.Jet.OLEDB.3.51"
厂商称已经在最新的SP7补丁包修补了此漏洞。
[HKEY_CLASSES_ROOT\Microsoft.Jet.OLEDB.3.51\CLSID]
@="{dee35070-506b-11cf-b1aa-00aa00b8de95}"
相关信息
"Cesar" <sqlsec@yahoo.com>
SQLSecurity Home Page
http://www.sqlsecurity.com/
Technet Security
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/default.asp
|
