Microsoft COM Internet Services (CIS) RPC Over HTTP远程拒绝服务漏洞(MS04-012)

漏洞信息详情

Microsoft COM Internet Services (CIS) RPC Over HTTP远程拒绝服务漏洞(MS04-012)

• CNNVD编号：CNNVD-200406-014
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2003-0807
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2004-04-13
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-04-19
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Qualys

Remote Procedure Call (RPC)是Windows 操作系统使用的一种远程过程调用协议，RPC提供进程间交互通信机制，允许在某台计算机上运行程序的无缝地在远程系统上执行代码。协议本身源自开放软件基金会的RPC协议，Microsoft在其基础上增加了自己的一些扩展。
Windows的COM Internet服务及RPC over HTTP代理组件存在问题，远程攻击者可以利用这个漏洞对此服务进行拒绝服务攻击。
当通过COM CIS及RPC Over HTTP转发请求到后台系统时，攻击者可以通过使用特殊构建的消息应答此请求，使得受此漏洞影响的组件停止对后续请求的响应。

临时解决方法：
如果您不能立刻安装补丁或者升级，CNNVD建议您采取以下措施以降低威胁：

* 如果不需要CIS或RPC Over HTTP服务，参看如下连接关闭：

http://support.microsoft.com/default.aspx?scid=kb;en-us;825819” target=”_blank”>
http://support.microsoft.com/default.aspx?scid=kb;en-us;825819

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rpc/rpc/rpc_over_http_security.asp” target=”_blank”>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rpc/rpc/rpc_over_http_security.asp
厂商补丁：
Microsoft
———
Microsoft已经为此发布了一个安全公告(MS04-012)以及相应补丁:

MS04-012：Cumulative Update for Microsoft RPC/DCOM (828741)

链接：http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx” target=”_blank”>
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx

补丁下载：

Microsoft Windows NT? Workstation 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=4ACB5BD6-A0BF-40BC-8955-D833923642EF&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=4ACB5BD6-A0BF-40BC-8955-D833923642EF&displaylang=en

Microsoft Windows NT Server 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=D4F2AD32-FE74-4DA1-AEAE-80897AC86720&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=D4F2AD32-FE74-4DA1-AEAE-80897AC86720&displaylang=en

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

http://www.microsoft.com/downloads/details.aspx?FamilyId=5B29E35D-E5DA-4486-B7EB-D54C7398142C&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=5B29E35D-E5DA-4486-B7EB-D54C7398142C&displaylang=en

Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4

http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD38C36-D1D3-47A2-A5D5-6C8F27FDCC40&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD38C36-D1D3-47A2-A5D5-6C8F27FDCC40&displaylang=en

Microsoft Windows XP and Microsoft Windows XP Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=D488BBBB-DA77-448D-8FF0-0A649A0D8FC3&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=D488BBBB-DA77-448D-8FF0-0A649A0D8FC3&displaylang=en

Microsoft Windows XP 64-Bit Edition Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=4C3ED21D-FF40-4C9D-99DD-1632E43C1645&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=4C3ED21D-FF40-4C9D-99DD-1632E43C1645&displaylang=en

Microsoft Windows XP 64-Bit Edition Version 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en

Microsoft Windows Server? 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=07317CE9-520D-4574-B575-5FB85DA9A4D7&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=07317CE9-520D-4574-B575-5FB85DA9A4D7&displaylang=en

Microsoft Windows Server 2003 64-Bit Edition

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en

来源:US-CERT Vulnerability Note: VU#698564
名称: VU#698564
链接:http://www.kb.cert.org/vuls/id/698564

来源:US-CERT Technical Alert: TA04-104A
名称: TA04-104A
链接:http://www.us-cert.gov/cas/techalerts/TA04-104A.html

来源: XF
名称: win-cis-rpc-http-dos(15709)
链接:http://xforce.iss.net/xforce/xfdb/15709

来源: BID
名称: 10123
链接:http://www.securityfocus.com/bid/10123

来源: MS
名称: MS04-012
链接:http://www.microsoft.com/technet/security/bulletin/ms04-012.asp

来源: CIAC
名称: O-115
链接:http://www.ciac.org/ciac/bulletins/o-115.shtml

来源: SECTRACK
名称: 1009762
链接:http://securitytracker.com/alerts/2004/Apr/1009762.html

来源: US Government Resource: oval:org.mitre.oval:def:995
名称: oval:org.mitre.oval:def:995
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:995

来源: US Government Resource: oval:org.mitre.oval:def:969
名称: oval:org.mitre.oval:def:969
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:969

来源: US Government Resource: oval:org.mitre.oval:def:1030
名称: oval:org.mitre.oval:def:1030
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1030