.: News - Downloads - Hilfe Forum - Windows FAQ - Kontakt - Impressum / Datenschutz :.
  Navigation
    Startseite
    Newscenter
    Downloads
    Screenshots
    Forum
    Online Shop
    Spielhalle
    Bilder Upload
    Mitglieder Map

  FAQ Datenbank
    FAQ, Tipps, Hilfe
    CMD (DOS) Befehle
    Windows 2000
    Windows Vista
    Windows XP
    Server 2003
    Microsoft Office
    Security Bulletins
    Service Packs

  Update Packs
    Windows 2000
    Windows XP
    Server 2003

  Service
    Windows XP Slipper
    Slipstream CD
    MS Security Tools

  RSS Feed  
    Alle News
    Treiber News
    Software News
    Hardware News
    Microsoft News
    Alle Windows FAQ
    Windows 2000 FAQ
    Windows XP FAQ
    Windows Vista FAQ
    Update Packs
    Screenshots
    Downloads

  Surf-Tipp
    Kostenlose Online-Kurse zu MS Office, OpenOffice und Internet-Technik

Keine Kompromisse im Kampf gegen Kinderpornografie

Archiv Screenshots
Archiv FAQ
Archiv Community News
Archiv Spiele News
Archiv Konsolen News
Archiv Allgemeine News
Archiv Microsoft News
Archiv Hardware News
Archiv Treiber News
Archiv Software News
Zurück   Winhelpline Forum > News, Tipps, Infos, Security Bulletin, Service Packs > WinHelpline News > News Archiv
Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Update) Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Update)
Passwort vergessen?

Antwort
 
Themen-Optionen Thema durchsuchen Ansicht
Alt 15.06.2002, 10:45   #1
Newsbot
input input
 
Benutzerbild von Newsbot
 
Registriert seit: 23.03.2006
Beiträge: 8.939



Standard Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Update)
Dieser Patch wurde vor 2 Tagen released. Da es aber zu Problemen gekommen ist, wurde dieses Update erneut aktualisiert. Es wird jedem geraten den Patch erneut zu installieren um Probleme zu vermeiden.

Microsoft released the original version of this bulletin. In it, we detailed a work-around procedure that customers could implement to protect themselves against a publicly disclosed vulnerability. An updated version of this bulletin was rereleased on June 14, 2002 to announce the availability of patches for Proxy Server 2.0 and ISA Server 2000 and to advise customers that the work-around procedure is no longer needed on those platforms. Patches for IE are forthcoming and this bulletin will be re-released to announce their availability.

The Gopher protocol is a legacy protocol that provides for the transfer of text-based information across the Internet. Information on Gopher servers is hierarchically presented using a menu system, and multiple Gopher servers can be linked together to form a collective "Gopherspace".

There is an unchecked buffer in a piece of code which handles the response from Gopher servers. This code is used independently in IE, ISA, and Proxy Server. A security vulnerability results because it is possible for an attacker to attempt to exploit this flaw by mounting a buffer overrun attack through a specially crafted server response. The attacker could seek to exploit the vulnerability by crafting a web page that contacted a server under the attacker's control. The attacker could then either post this page on a web site or send it as an HTML email. When the page was displayed and the server's response received and processed, the attack would be carried out.

A successful attack requires that the attacker be able to send information to the intended target. Anything which inhibited connectivity could protect against attempts to exploit this vulnerability. In the case of IE, the code would be run in the user's context. As a result, any limitations on the user would apply to the attacker's code as well.

Download
Newsbot ist offline   Mit Zitat antworten
Antwort

« Vorheriges Thema | Nächstes Thema »


Themen-Optionen Thema durchsuchen
Thema durchsuchen:

Erweiterte Suche
Ansicht
Linear-Darstellung Linear-Darstellung

Forumregeln
Es ist dir nicht erlaubt, neue Themen zu verfassen.
Es ist dir nicht erlaubt, auf Beiträge zu antworten.
Es ist dir nicht erlaubt, Anhänge anzufügen.
Es ist dir nicht erlaubt, deine Beiträge zu bearbeiten.
vB Code ist An.
Smileys sind An.
[IMG] Code ist An.
HTML-Code ist An.
Gehe zu

Ähnliche Themen
Thema Erstellt von Forum Antworten Letzter Beitrag
Microsoft Security Bulletin MS02-033 - Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273) Newsbot News Archiv 0 27.06.2002 10:05
Microsoft Security Bulletin MS02-029 - Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138) Newsbot News Archiv 0 14.06.2002 23:32
Microsoft Security Bulletin MS02-022 - Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661) Newsbot News Archiv 0 12.06.2002 09:40
Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889) Newsbot News Archiv 0 12.06.2002 09:36
Microsoft Security Bulletin MS02-026 - Unchecked Buffer in ASP.NET Worker Process (Q322289) Newsbot News Archiv 0 10.06.2002 09:02


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:30 Uhr.

Alle Foren als gelesen markieren - Kontakt - WinHelpline - Datenschutzerklärung / Impressum - Nach oben

Powered by vBulletin Version 3.5.4 (Deutsch)
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 2.4.0
Copyright ©2000 - 2006, WinHelpline.info
  Werbung

  Moderatoren
   Schach
   Seefahrt
   Lotte Berk
   Netzwerkservice
   Football
   Webdesign

Partnerlinks:  3DCenter.org |  3DChips.net |  Planet 3DNow! |  3DChip.de |  Netzwerktotal |  Wintotal.de |  Elektrikforum.de |  Computerwissen.de |  Prad.de |  Winsoftware.de |  netzwelt.de |  WinFAQ.de