CVE-2005-0051
CVSS7.5
发布时间 :2005-05-02 00:00:00
修订时间 :2008-09-10 15:34:50
NMCOS    

[原文]The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."


[CNNVD]Microsoft有名管道信息泄露漏洞(CNNVD-200505-498)

        Microsoft Windows有名管道存在信息泄露问题,远程攻击者可以利用这个漏洞远程读取开放连接到共享资源的用户名信息。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:microsoft:windows_xp::sp2:tablet_pcMicrosoft windows xp_sp2 tablet_pc
cpe:/o:microsoft:windows_xp::sp1:64-bit
cpe:/o:microsoft:windows_xp::sp1:tablet_pcMicrosoft windows xp_sp1 tablet_pc

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:3055Windows XP Named Pipe Vulnerability (64-bit architecture)
oval:org.mitre.oval:def:2292Windows XP Named Pipe Vulnerability (32-bit architecture)
oval:gov.nist.fdcc.patch:def:11529MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)
oval:gov.nist.USGCB.patch:def:11529MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0051
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0051
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-498
(官方数据源) CNNVD

- 其它链接及资源

http://www.us-cert.gov/cas/techalerts/TA05-039A.html
(VENDOR_ADVISORY)  CERT  TA05-039A
http://www.kb.cert.org/vuls/id/939074
(PATCH)  CERT-VN  VU#939074
http://www.microsoft.com/technet/security/bulletin/ms05-007.mspx
(PATCH)  MS  MS05-007
http://xforce.iss.net/xforce/xfdb/19093
(UNKNOWN)  XF  win-named-pipe-information-disclosure(19093)
http://www.securityfocus.com/bid/12486
(UNKNOWN)  BID  12486
http://securitytracker.com/id?1013112
(UNKNOWN)  SECTRACK  1013112
http://secunia.com/advisories/14189
(UNKNOWN)  SECUNIA  14189

- 漏洞信息

Microsoft有名管道信息泄露漏洞
高危 访问验证错误
2005-05-02 00:00:00 2005-10-20 00:00:00
远程  
        Microsoft Windows有名管道存在信息泄露问题,远程攻击者可以利用这个漏洞远程读取开放连接到共享资源的用户名信息。
        

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
        http://www.microsoft.com/downloads/details.aspx?FamilyId=B8C867C2-B7CD-4E2F-90E0-169B2C7125DC
        Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
        http://www.microsoft.com/downloads/details.aspx?FamilyId=2F68945E-EEB8-42BC-A8AD-0D3991204889

- 漏洞信息

13596
Microsoft Windows XP Named Pipe Username Disclosure
Remote / Network Access Information Disclosure
Loss of Confidentiality
Exploit Unknown

- 漏洞描述

Windows contains a flaw related to the use of named pipes that may allow an attacker to gather the usernames of users connected to a shared resource. No further details have been provided.

- 时间线

2005-02-08 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

- 漏洞信息

Microsoft Windows Named Pipe Remote Information Disclosure Vulnerability
Access Validation Error 12486
Yes No
2005-02-08 12:00:00 2009-07-12 10:06:00
Jean-Baptiste Marchand is credited with the discovery of this issue.

- 受影响的程序版本

Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition

- 漏洞讨论

A remote information disclosure vulnerability affects Microsoft Windows. This issue is due to a failure of the application to securely store potentially sensitive system information.

An attacker may leverage this issue to disclose the user names of all users connected to a network share, potentially facilitating further attacks against affected computers.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Microsoft has released updates to address this issue on supported platforms.


Microsoft Windows XP Media Center Edition SP1

Microsoft Windows XP Tablet PC Edition SP2

Microsoft Windows XP Media Center Edition SP2

Microsoft Windows XP Professional SP2

Microsoft Windows XP Home SP1

Microsoft Windows XP Tablet PC Edition SP1

Microsoft Windows XP Tablet PC Edition

Microsoft Windows XP Professional SP1

Microsoft Windows XP 64-bit Edition SP1

Microsoft Windows XP Home SP2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站