返回列表 发帖
萝卜炖排骨 该用户已被删除
楼主 跳转到 » 倒序看帖
打印
tT
萝卜炖排骨发表于 2004-8-3 01:59 | 只看该作者

HELP ME!

刚刚用X-Scan扫描了自己的机器,发现漏洞之多。
别的不说,但是下面的小弟实在是看不懂啊。。。。
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35c..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%%35c..%%35c..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%u00255c..%u00255c..%u00255c..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir  
漏洞 www (80/tcp) IIS编码/解码漏洞: http://10.0.0.9/scripts/..%u00255c..%u00255c..%u00255c..%u00255c..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir  
我的系统是WIN2000 Server   也打了补丁
希望高手能够   指点我把漏洞补好
先谢谢了   。。。。。。
收藏 分享

默读忧伤 该用户已被删除
沙发
默读忧伤发表于 2004-8-3 11:23 | 只看该作者

HELP ME!

虽然我不太会,但是从你的资料来看,你的补丁实在太旧了吧?去下最新的补丁打上吧!IIS的。

TOP

萝卜炖排骨 该用户已被删除
板凳
萝卜炖排骨发表于 2004-8-3 14:35 | 只看该作者

HELP ME!

还是先感谢大家的指点◎
但是我的补丁是最新的啊。。。
-=-=-=-=-=>
有的漏洞很正常
-=-=-=-=-=>
请问指的是哪点啊???

TOP

大漠孤行虾 该用户已被删除
地板
大漠孤行虾发表于 2004-8-3 17:48 | 只看该作者

HELP ME!


这都是些致命的漏洞啊
你要升级IIS的版本
下面有些补丁
http://www.cqu.edu.cn/xinxiziyuan/aqgg_01_07.htm

TOP

萝卜炖排骨 该用户已被删除
5
萝卜炖排骨发表于 2004-8-3 18:54 | 只看该作者

HELP ME!

感谢楼上的哥哥!大虾!!!
但是我又扫了机器
还是发现了一大堆的漏洞!如下:
安全漏洞及解决方案:
类型 端口/服务 安全漏洞及解决方案
提示 smtp (25/tcp) A SMTP server is running on this port
Here is its banner :
220 nan-heizi Microsoft ESMTP MAIL Service, Version: 5.0.2195.2966 ready at Tue, 3 Aug 2004 18:43:08 +0800
NESSUS_ID : 10330

警告 www (80/tcp) CGI漏洞: http://10.0.0.9/abczxv.htw
警告 www (80/tcp) CGI漏洞: http://10.0.0.9/null.ida
警告 www (80/tcp) CGI漏洞: http://10.0.0.9/null.idq
警告 www (80/tcp) CGI漏洞: http://10.0.0.9/scripts
警告 www (80/tcp) CGI漏洞: http://10.0.0.9/scripts/samples/search/qfullhit.htw
警告 www (80/tcp) CGI漏洞: http://10.0.0.9/scripts/samples/search/qsumrhit.htw
提示 www (80/tcp) A web server is running on this port
NESSUS_ID : 10330

提示 https (443/tcp) Maybe the "https" service running on this port.
NESSUS_ID : 10330

提示 netbios-ssn (139/tcp) Maybe the "netbios-ssn" service running on this port.
Here is its banner:
83 .
NESSUS_ID : 10330

警告 epmap (135/tcp)
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Solution : filter incoming traffic to this port.
Risk factor : Low
NESSUS_ID : 10736

提示 epmap (135/tcp) Maybe the "epmap" service running on this port.
NESSUS_ID : 10330

提示 microsoft-ds (445/tcp) Maybe the "microsoft-ds" service running on this port.
NESSUS_ID : 10330

提示 cifs (445/tcp) A CIFS server is running on this port
NESSUS_ID : 11011

提示 smb (139/tcp) An SMB server is running on this port
NESSUS_ID : 11011

提示 DCE/906b0ce0-c70b-1067-b317-00dd010662da (1025/tcp) Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.

Here is the list of DCE services running on this port:
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1025]

Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736

提示 DCE/1ff70682-0a51-30e8-076d-740be8cee98b (1026/tcp) Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.

Here is the list of DCE services running on this port:
UUID: 1ff70682-0a51-30e8-076d-740be8cee98b, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1026]
UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[1026]

Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736

提示 DCE/82ad4280-036b-11cf-972c-00aa006887b0 (3074/tcp) Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.

Here is the list of DCE services running on this port:
UUID: 82ad4280-036b-11cf-972c-00aa006887b0, version 2
Endpoint: ncacn_ip_tcp:10.0.0.9[3074]
UUID: 4f82f460-0e21-11cf-909e-00805f48a135, version 4
Endpoint: ncacn_ip_tcp:10.0.0.9[3074]
UUID: 8cfb5d70-31a4-11cf-a7d8-00805f48a135, version 3
Endpoint: ncacn_ip_tcp:10.0.0.9[3074]
UUID: bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1
Endpoint: ncacn_ip_tcp:10.0.0.9[3074]

Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736

提示 unknown (1029/udp) Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.

Here is the list of DCE services running on this port:
UUID: 5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc, version 1
Endpoint: ncadg_ip_udp:10.0.0.9[1029]
Annotation: Messenger Service

Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736

提示 unknown (3075/udp) Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.
An attacker may use this fact to gain more knowledge
about the remote host.

Here is the list of DCE services running on this port:
UUID: bfa951d1-2f0e-11d3-bfd1-00c04fa3490a, version 1
Endpoint: ncadg_ip_udp:10.0.0.9[3075]

Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736
我也搜索了  一些CGI的补丁   但是不知道针对自己的机器  应该装哪个
还有为什么我的机器开了这么多端口啊?   我不知道哪个应该关掉,哪个应该开着。
盼指点。。。。。。。。。。
希望高手再帮帮我   大恩不言谢!!!

TOP

返回列表 回复 发帖