Vulnerability in Server Message Block - CAIS RNP

**psergiom** · 12/02/2005

O CAIS esta' repassando o alerta da Microsoft, intitulado "MS05-011 - Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)", que trata de uma vulnerabilidade recem-descoberta de execucao remota de codigo no protocolo SMB do Windows, responsavel pelo compartilhamento de arquivos e impressoras.

Se explorada, esta vulnerabilidade pode permitir ao atacante obter controle completo sobre o sistema afetado, sendo capaz de instalar programas, criar novas contas de usuarios com privilegios totais no sistema ou ate' mesmo visualizar, modificar ou apagar dados no sistema vulneravel.

Sistemas afetados:

. Microsoft Windows 2000 Service Pack 3
. Microsoft Windows 2000 Service Pack 4
. Microsoft Windows XP Service Pack 1
. Microsoft Windows XP Service Pack 2
. Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
. Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
. Microsoft Windows Server 2003
. Microsoft Windows Server 2003 for Itanium-based Systems

Correcoes disponiveis:

Recomenda-se fazer a atualizacao para as versoes disponiveis em:

. Microsoft Windows 2000 Service Pack 3
http://www.microsoft.com/downloads/d...2-24A2171C7355

. Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/d...2-24A2171C7355

. Microsoft Windows XP Service Pack 1
http://www.microsoft.com/downloads/d...7-978EC6B81B54

. Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/d...7-978EC6B81B54

. Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
http://www.microsoft.com/downloads/d...1-85512828C6F4

. Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
http://www.microsoft.com/downloads/d...2-4AABAD675129

. Microsoft Windows Server 2003
http://www.microsoft.com/downloads/d...E-E9A53C45B36A

. Microsoft Windows Server 2003 for Itanium-based Systems
http://www.microsoft.com/downloads/d...2-4AABAD675129

Mais informacoes:

. MS05-011 - Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
http://www.microsoft.com/technet/sec.../ms05-011.mspx

. Vulnerability Note VU#652537 - Microsoft Windows SMB packet validation vulnerability
http://www.kb.cert.org/vuls/id/652537

. Microsoft Brasil Security
http://www.microsoft.com/brasil/security

. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca

Identificador CVE (http://cve.mitre.org): CAN-2005-0045

O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.

Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml

Atenciosamente,

################################################## ##############
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais@cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################## ##############

Tópico: Vulnerability in Server Message Block - CAIS RNP

Ferramentas

Display

Vulnerability in Server Message Block - CAIS RNP

Thread Information

Users Browsing this Thread

Tópicos semelhantes

Windows FTP Server Format String Vulnerability

Vulnerabilidade ssh

Regras de envio