|
微软远程任意代码执行漏洞安全公告 -------------------------------------------------------------------------------- 微软Internet Security 与 Acceleration Server 2000 H.323 Filter远程
漏洞影响: 远程代码执行 安全等级:高 CVE : CAN-2003-0819 链接: http://www.microsoft.com/technet/security/bulletin/MS04-001.asp 受影响系统: * Microsoft Internet Security and Acceleration Server 2000
Internet Security and Acceleration Server 2000)
Internet Security and Acceleration Server 2000)
Microsoft Proxy Server 2.0 漏洞描述: -------------- 微软Internet Security 与 Acceleration Server 2000中使用的H.323 filter存在一个缓冲区溢出漏洞,通过这个漏洞攻击者可以在Internet Security 与 Acceleration Server 2000服务器上执行任意代码, 运行ISA Server 2000的服务器与打开防火墙模式的服务器默认打开H.323 filter. 如果攻击者成功的利用了此漏洞就可以完全控制整个系统. 详细内容: http://www.microsoft.com/technet/security/bulletin/MS04-001.asp Microsoft Security Bulletin MS04-002 Exchange Server 2003 权限提升漏洞
漏洞影响:权限提升
CVE: CAN-2003-0904 受影响系统: * Microsoft Exchange Server 2003 未受影响系统: * Microsoft Exchange 2000 Server * Microsoft Exchange Server 5.5 漏洞描述: 详细内容: Microsoft Security Bulletin MS04-003 MDAC函数中存在溢出导致任意代码执行漏洞(832483) 发布日期: 01-13-2004 漏洞影响: 远程代码执行 安全等级:高 CVE Number(s): CAN-2003-0903 受影响系统: * Microsoft Data Access Components 2.5 (included with Microsoft Windows 2000) * Microsoft Data Access Components 2.6 (included with Microsoft SQL Server 2000) * Microsoft Data Access Components 2.7 (included with Microsoft Windows XP) * Microsoft Data Access Components 2.8 (included with Microsoft Windows Server 2003) Note The same update applies to all these versions of MDAC * Microsoft Data Access Components 2.8 (included with Windows Server 2003 64-Bit Edition) 受影响系统: 无 漏洞描述: 详细内容: |
|