NT RASMAN权限升级漏洞

漏洞信息详情

NT RASMAN权限升级漏洞

• CNNVD编号：CNNVD-199909-036
• 危害等级： 超危
  
  
• CVE编号：
  CVE-1999-0886
  
• 漏洞类型：
  
  
  配置错误
  
• 发布时间：
  
  1999-09-17
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-04-19
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  This vulnerability…

RASMAN安全描述符存在漏洞。用户可以借助Windows NT服务控制管理器指向备用位置。

Microsoft has released a tool that will set proper permissions over the HKEY_Local_Machine/SYSTEM/CurrentControlSet/Services/RASMan key
The Post SP6 Rasman-fix tool can be downloaded from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/Hotfixes-PostSP6/Security/Rasman-fix/
This tool may be executed against any NT host, regardless of the current Service Pack level. The tool may be executed against a remote machine using the syntax: “fixrasi \\machinename” (without the quotes).

来源: BID
名称: 645
链接:http://www.securityfocus.com/bid/645

来源: MS
名称: MS99-041
链接:http://www.microsoft.com/technet/security/bulletin/ms99-041.mspx

来源: MSKB
名称: Q242294
链接:http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q242294