大家帮我看看这个漏洞有可利用的地方嘛?

xuwenhui · 发表于 2004-4-28 08:52:05

The remote WebDAV server may be vulnerable to a buffer overflow when
it receives a too long request.

An attacker may use this flaw to execute arbitrary code within the
LocalSystem security context.

*** As safe checks are enabled, Nessus did not actually test for this
*** flaw, so this might be a false positive

Solution : See http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx
Risk Factor : High
CVE_ID : CAN-2003-0109
BUGTRAQ_ID : 7116
NESSUS_ID : 11412
Other references : IAVA:2003-A-0005

xuwenhui · 发表于 2004-4-28 08:52:59

还有这个....

The remote MS SQL server is vulnerable to the Hello overflow.

An attacker may use this flaw to execute commands against
the remote host as LOCAL/SYSTEM, as well as read your database content.

*** This alert might be a false positive.

Solution : Install Microsoft Patch Q316333 at
http://support.microsoft.com/default.aspx?scid=kb
en-us
Q316333&sd=tech
or disable the Microsoft SQL Server service or use a firewall to protect the
MS SQL port (1433).

Risk factor : High
CVE_ID : CAN-2002-1123
BUGTRAQ_ID : 5411
NESSUS_ID : 11067
Other references : IAVA:2002-B-0007

		自动登录	找回密码
密码			立即注册

大家帮我看看这个漏洞有可利用的地方嘛?

浏览过的版块