Bugtraq ID: 45695
CVE ID:CVE-2011-0026
CNCVE ID:CNCVE-20110026
 
漏洞发布时间:2011-01-10
漏洞更新时间:2011-01-10
 
漏洞起因
边界条件错误
危险等级

 
影响系统
Microsoft Windows Data Access Components 6.0
Microsoft Data Access Components (MDAC) 2.8 SP2
Microsoft Data Access Components (MDAC) 2.8 SP1
Microsoft Data Access Components (MDAC) 2.8
 
不受影响系统
 
危害
远程攻击者可以利用漏洞以应用程序安全上下文执行任意代码。
 
攻击所需条件
攻击者必须构建恶意WEB页,诱使用户访问。
 
漏洞信息
Microsoft Data Access Components是一款微软数据库访问组件。
Microsoft Data Access Components处理部分ODBC API的DSN(Data Source Name)参数时存在错误,攻击者可以利用漏洞进行缓冲区溢出攻击。
odbc32.dll组件中的SQLConnectW调用存在缺陷。当计算用户提供的szDSN大小时,传递给lstrlenW的调用结果用于与SQL_MAX_DSN_LENGTH的符号对比以验证目的缓冲区大小,此值之后用于把用户提供的数据拷贝到固定长度的栈缓冲区中,恶意szDSN长度可用于利用符号错误执行任意代码。
 
测试方法
 
厂商解决方案

用户可参考如下供应商提供的补丁信息:

Microsoft Data Access Components (MDAC) 2.8 SP2
Microsoft WindowsServer2003-KB2419635-ia64-ENU.exe
http://www.microsoft.com/downloads/details.aspx?familyid=8DBCBB91-464B-4EB3-B7E5-AFE82FEBF8D7

Microsoft WindowsServer2003-KB2419635-x86-ENU.exe
http://www.microsoft.com/downloads/details.aspx?familyid=D451CED7-C9C7-4C41-9D44-8F8929FCA390

Microsoft WindowsServer2003.WindowsXP-KB2419635-x64-ENU.exe
http://www.microsoft.com/downloads/details.aspx?familyid=CE06BFDC-7B0D-4E65-9A13-E009E3A6A9F0

Microsoft Windows Data Access Components 6.0
Microsoft Windows6.1-KB2419640-ia64.msu
http://www.microsoft.com/downloads/details.aspx?familyid=BA2612EC-FFAD-4CD3-85C6-BA07F70A0D24

Microsoft Windows6.0-KB2419640-x86.msu
http://www.microsoft.com/downloads/details.aspx?familyid=13445E4A-099A-4EDD-864E-C44F42940500

Microsoft Windows6.1-KB2419640-x64.msu
http://www.microsoft.com/downloads/details.aspx?familyid=CF30E5C0-811B-4ECD-A6B2-874000D25074

Microsoft Windows6.0-KB2419640-ia64.msu
http://www.microsoft.com/downloads/details.aspx?familyid=5ECC8180-6BAA-4F4B-A392-4B45A30469FC

Microsoft Windows6.1-KB2419640-x86.msu
http://www.microsoft.com/downloads/details.aspx?familyid=3DFD4F1C-E7A5-4686-8D2C-B7A5A53C5333

Microsoft Windows6.0-KB2419640-x64.msu
http://www.microsoft.com/downloads/details.aspx?familyid=FD6B806E-50D4-4F4D-96E1-7C71FCA4C543

Microsoft Data Access Components (MDAC) 2.8 SP1
Microsoft WindowsXP-KB2419632-x86-ENU.exe
http://www.microsoft.com/downloads/details.aspx?familyid=7951FD7B-6B0A-4168-8519-312A62FF3289

漏洞提供者
Abdul Aziz Hariri, working with TippingPoint's Zero Day Initiative
 
漏洞消息链接
http://www.zerodayinitiative.com/advisories/ZDI-11-001/
http://www.microsoft.com/technet/security/Bulletin/MS11-002.mspx
http://secunia.com/advisories/42804/
 
漏洞消息标题
Microsoft Data Access Components DSN Overflow Code Execution Vulnerability
Microsoft Security Bulletin MS11-002
Microsoft Data Access Components Two Vulnerabilities