I ran a security scan on the server with S-Scan, and it reported one vulnerability. X-Scan's description is as follows:

Vulnerability microsoft-ds (445/tcp)

SMB OpenEventLog() over \\srvsvc

It is possible to anonymously read the event logs of the remote Windows 2000 host by connecting to the \\srvsvc pipe and binding to the event log service.

An attacker may use this flaw to anonymously read the system logs of the remote host. As system logs typically include valuable information, an attacker may use them to perform a better attack against the remote host.

Solution : Install the Update Rollup Package 1 (URP1) for Windows 2000 SP4 or set the value RestrictGuestAccess on the Applications and System logs
Risk factor : High
NESSUS_ID : 18602

The gist seems to be that an attacker may be able to read the server's event logs by connecting to the \\Srvsvc pipe and binding to the event log service.

The risk level is High!

The solution tells me to install an update rollup package for Windows 2000, or to set a value on the Application or System logs.

The solution is described rather vaguely (or perhaps my English is too poor to follow it). Could an expert tell me how this vulnerability should be patched?
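An added example, not part of the original post: a small audit that reads a regedit export of the EventLog service key and reports whether RestrictGuestAccess is set on the two logs the scanner's solution names. It assumes the per-log settings live under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog and that a DWORD value of 1 means restricted; the export text is a constructed sample.

```python
import re

# Assumption: per-log settings live under the EventLog service key.
BASE = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog"
LOGS = ("Application", "System")  # the two logs named in the scanner's solution text

# Constructed sample of a regedit export: Application is restricted, System is not.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]
"MaxSize"=dword:00080000
"RestrictGuestAccess"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System]
"MaxSize"=dword:00080000
'''

def parse_reg_export(text):
    """Return {key_path_lowercase: {value_name_lowercase: int}} for dword values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = re.match(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
        if m and current is not None:
            current[m.group(1).lower()] = int(m.group(2), 16)
    return keys

def audit_guest_access(text):
    """Map each log name to 'restricted', 'not restricted' or 'key missing'."""
    keys = parse_reg_export(text)
    result = {}
    for log in LOGS:
        values = keys.get(f"{BASE}\\{log}".lower())
        if values is None:
            result[log] = "key missing"
        elif values.get("restrictguestaccess") == 1:
            result[log] = "restricted"
        else:
            result[log] = "not restricted"  # value absent or not 1
    return result

if __name__ == "__main__":
    for log, state in audit_guest_access(SAMPLE_EXPORT).items():
        print(f"{log}: RestrictGuestAccess {state}")
```

The function takes the export as text, so a Unicode-format export has to be decoded before it is passed in.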