Microsoft Windows autorun.inf漏洞

漏洞信息详情

Microsoft Windows autorun.inf漏洞

• CNNVD编号：CNNVD-200002-055
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0155
  
• 漏洞类型：
  
  
  代码注入
  
• 发布时间：
  
  2000-02-18
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Posted to Bugtraq …

Windows NT Autorun在不可移动媒体上执行autorun.inf文件。本地用户利用此漏洞可以在其他用户访问驱动器时指定一个备份程序执行。

There are two registry settings that control which drives can be recognized by the Autorun feature, both located in:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun
This value specifies drive types that will be checked for Autorun.inf files.
Each bit of the first byte of the value corresponds to a drive type, and a value of 1 disables Autorun for that drive type. Starting with bit 0, the types are: Unknown, No_Root_Dir, Removable, Fixed, Remote, CDROM, Ramdisk. The last bit is reserved for future drive types. For example, a setting of 0xDF (11011111) will enable Autorun on CDROMs only.
NoDriveAutoRun
This value specifies which drives, by drive letter, will have Autorun enabled or disabled. The first bit is drive A:, second is B: and so on. Once again, 0 enables and 1 disables. For example, a setting of 0xFFFFFFF7 (11111111111111111111111111110111) will enable Autorun for drive D: only.

来源: BID
名称: 993
链接:http://www.securityfocus.com/bid/993

来源: BUGTRAQ
名称: 20000218 AUTORUN.INF Vulnerability
链接:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd$fdb5a620$4c4342a6@mightye.org