chenshao 2008-4-26 22:51
求助谁能帮下忙,刚刚扫描的一个IP地址,怎么样才可以取得最高权限
X-Scan 检测报告
本报表列出了被检测主机的详细漏洞信息, 请根据提示信息或链接内容进行相应修补. 欢迎参加X-Scan脚本翻译项目
扫描时间
2008-4-26 16:25:47 - 2008-4-26 17:37:38
检测结果
存活主机 1
漏洞数量 3
警告数量 7
提示数量 66
主机列表
主机 检测结果
61.160.208.173 发现安全漏洞
主机摘要 - OS: Unknown OS; PORT/TCP: 7, 9, 13, 19, 21, 22, 23, 25, 53, 79, 80, 110, 111, 119, 139, 143, 443, 445, 465, 512, 513, 514, 554, 563, 585, 636, 808, 990, 991, 992, 993, 994, 995, 1025, 1027, 1080, 1352, 1433, 1521, 1525, 1935, 2049, 2401, 3128, 3306, 3389, 4899, 5000, 5800, 5900, 5901, 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 6008, 6009, 8000, 8080, 8181, 65301
[返回顶部]
主机分析: 61.160.208.173
主机地址 端口/服务 服务漏洞
61.160.208.173 microsoft-ds (445/tcp) 发现安全提示
61.160.208.173 netbios-ssn (139/tcp) 发现安全提示
61.160.208.173 Real Time Stream Control Protocol (554/tcp) 发现安全提示
61.160.208.173 Lotus Notelotusnote (1352/tcp) 发现安全提示
61.160.208.173 echo (7/tcp) 发现安全提示
61.160.208.173 pcanywhere (65301/tcp) 发现安全提示
61.160.208.173 finger (79/tcp) 发现安全提示
61.160.208.173 POP3-ssl (995/tcp) 发现安全提示
61.160.208.173 imap4-ssl (585/tcp) 发现安全提示
61.160.208.173 chargen (19/tcp) 发现安全提示
61.160.208.173 smtp (25/tcp) 发现安全提示
61.160.208.173 Radmin(remote PC control software) (4899/tcp) 发现安全提示
61.160.208.173 unknown (1027/tcp) 发现安全提示
61.160.208.173 Oracle Database (1521/tcp) 发现安全提示
61.160.208.173 unknown (994/tcp) 发现安全提示
61.160.208.173 exec (512/tcp) 发现安全提示
61.160.208.173 IMAP-ssl (993/tcp) 发现安全提示
61.160.208.173 HTTP proxy (3128/tcp) 发现安全提示
61.160.208.173 IMail (8181/tcp) 发现安全提示
61.160.208.173 SSH, Remote Login Protocol (22/tcp) 发现安全提示
61.160.208.173 FTP-ssl (990/tcp) 发现安全提示
61.160.208.173 ldaps (636/tcp) 发现安全提示
61.160.208.173 login (513/tcp) 发现安全提示
61.160.208.173 Proxy server (808/tcp) 发现安全提示
61.160.208.173 VNC(Virtual Network Computer HTTP Access) (5800/tcp) 发现安全提示
61.160.208.173 ftp (21/tcp) 发现安全提示
61.160.208.173 daytime (13/tcp) 发现安全提示
61.160.208.173 Oracle or Prospero Directory Service non-priv (1525/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6000/tcp) 发现安全提示
61.160.208.173 unknown (8000/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6006/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6001/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6007/tcp) 发现安全提示
61.160.208.173 NNTP-ssl (563/tcp) 发现安全提示
61.160.208.173 SMTP-ssl (465/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6002/tcp) 发现安全提示
61.160.208.173 Telnet-ssl (992/tcp) 发现安全提示
61.160.208.173 MySql (3306/tcp) 发现安全提示
61.160.208.173 telnet (23/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6004/tcp) 发现安全提示
61.160.208.173 network blackjack (1025/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6009/tcp) 发现安全提示
61.160.208.173 SOCKS (1080/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6008/tcp) 发现安全提示
61.160.208.173 nntp (119/tcp) 发现安全提示
61.160.208.173 unknown (1935/tcp) 发现安全提示
61.160.208.173 VNC(Virtual Network Computer) (5900/tcp) 发现安全提示
61.160.208.173 VNC-ssl (5901/tcp) 发现安全提示
61.160.208.173 HTTP proxy server (8080/tcp) 发现安全提示
61.160.208.173 http (80/tcp) 发现安全提示
61.160.208.173 https (443/tcp) 发现安全提示
61.160.208.173 Windows Terminal Services (3389/tcp) 发现安全提示
61.160.208.173 imap (143/tcp) 发现安全提示
61.160.208.173 discard (9/tcp) 发现安全警告
61.160.208.173 x11 X Window System (6003/tcp) 发现安全提示
61.160.208.173 ms-sql-s (1433/tcp) 发现安全提示
61.160.208.173 networked file system (2049/tcp) 发现安全提示
61.160.208.173 pop3 (110/tcp) 发现安全提示
61.160.208.173 unknown (991/tcp) 发现安全提示
61.160.208.173 Windows XP UPNP (5000/tcp) 发现安全提示
61.160.208.173 CVS network server (2401/tcp) 发现安全提示
61.160.208.173 x11 X Window System (6005/tcp) 发现安全提示
61.160.208.173 sunrpc (111/tcp) 发现安全提示
61.160.208.173 domain (53/tcp) 发现安全提示
61.160.208.173 cmd (514/tcp) 发现安全提示
61.160.208.173 unknown (8390/tcp) 发现安全警告
61.160.208.173 netbios-ns (137/udp) 发现安全提示
61.160.208.173 http-rpc-epmap (593/tcp) 发现安全警告
61.160.208.173 unknown (3067/tcp) 发现安全漏洞
61.160.208.173 unknown (256/tcp) 发现安全警告
61.160.208.173 unknown (257/tcp) 发现安全警告
61.160.208.173 unknown (258/tcp) 发现安全警告
61.160.208.173 unknown (36794/tcp) 发现安全警告
61.160.208.173 X Font Service (7100/tcp) 发现安全漏洞
61.160.208.173 unknown (7101/tcp) 发现安全漏洞
安全漏洞及解决方案: 61.160.208.173
类型 端口/服务 安全漏洞及解决方案
提示 microsoft-ds (445/tcp) 开放服务
"microsoft-ds"服务可能运行于该端口.
NESSUS_ID : 10330
提示 netbios-ssn (139/tcp) 开放服务
"netbios-ssn"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Real Time Stream Control Protocol (554/tcp) 开放服务
"Real Time Stream Control Protocol"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Lotus Notelotusnote (1352/tcp) 开放服务
"Lotus Notelotusnote"服务可能运行于该端口.
NESSUS_ID : 10330
提示 echo (7/tcp) 开放服务
"echo"服务可能运行于该端口.
NESSUS_ID : 10330
提示 pcanywhere (65301/tcp) 开放服务
"pcanywhere"服务可能运行于该端口.
NESSUS_ID : 10330
提示 finger (79/tcp) 开放服务
"finger"服务可能运行于该端口.
NESSUS_ID : 10330
提示 POP3-ssl (995/tcp) 开放服务
"POP3-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 imap4-ssl (585/tcp) 开放服务
"imap4-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 chargen (19/tcp) 开放服务
"chargen"服务可能运行于该端口.
NESSUS_ID : 10330
提示 smtp (25/tcp) 开放服务
"smtp"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Radmin(remote PC control software) (4899/tcp) 开放服务
"Radmin(remote PC control software)"服务可能运行于该端口.
NESSUS_ID : 10330
提示 unknown (1027/tcp) 开放服务
未知服务运行于该端口.
NESSUS_ID : 10330
提示 Oracle Database (1521/tcp) 开放服务
"Oracle Database"服务可能运行于该端口.
NESSUS_ID : 10330
提示 unknown (994/tcp) 开放服务
未知服务运行于该端口.
NESSUS_ID : 10330
提示 exec (512/tcp) 开放服务
"exec"服务可能运行于该端口.
NESSUS_ID : 10330
提示 IMAP-ssl (993/tcp) 开放服务
"IMAP-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 HTTP proxy (3128/tcp) 开放服务
"HTTP proxy"服务可能运行于该端口.
NESSUS_ID : 10330
提示 IMail (8181/tcp) 开放服务
"IMail"服务可能运行于该端口.
NESSUS_ID : 10330
提示 SSH, Remote Login Protocol (22/tcp) 开放服务
"SSH, Remote Login Protocol"服务可能运行于该端口.
NESSUS_ID : 10330
提示 FTP-ssl (990/tcp) 开放服务
"FTP-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 ldaps (636/tcp) 开放服务
"ldaps"服务可能运行于该端口.
NESSUS_ID : 10330
提示 login (513/tcp) 开放服务
"login"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Proxy server (808/tcp) 开放服务
"Proxy server"服务可能运行于该端口.
NESSUS_ID : 10330
提示 VNC(Virtual Network Computer HTTP Access) (5800/tcp) 开放服务
"VNC(Virtual Network Computer HTTP Access)"服务可能运行于该端口.
NESSUS_ID : 10330
提示 ftp (21/tcp) 开放服务
"ftp"服务可能运行于该端口.
NESSUS_ID : 10330
提示 daytime (13/tcp) 开放服务
"daytime"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Oracle or Prospero Directory Service non-priv (1525/tcp) 开放服务
"Oracle or Prospero Directory Service non-priv"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6000/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 unknown (8000/tcp) 开放服务
未知服务运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6006/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6001/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6007/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 NNTP-ssl (563/tcp) 开放服务
"NNTP-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 SMTP-ssl (465/tcp) 开放服务
"SMTP-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6002/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Telnet-ssl (992/tcp) 开放服务
"Telnet-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 MySql (3306/tcp) 开放服务
"MySql"服务可能运行于该端口.
NESSUS_ID : 10330
提示 telnet (23/tcp) 开放服务
"telnet"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6004/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 network blackjack (1025/tcp) 开放服务
"network blackjack"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6009/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 SOCKS (1080/tcp) 开放服务
"SOCKS"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6008/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 nntp (119/tcp) 开放服务
"nntp"服务可能运行于该端口.
NESSUS_ID : 10330
提示 unknown (1935/tcp) 开放服务
未知服务运行于该端口.
NESSUS_ID : 10330
提示 VNC(Virtual Network Computer) (5900/tcp) 开放服务
"VNC(Virtual Network Computer)"服务可能运行于该端口.
NESSUS_ID : 10330
提示 VNC-ssl (5901/tcp) 开放服务
"VNC-ssl"服务可能运行于该端口.
NESSUS_ID : 10330
提示 HTTP proxy server (8080/tcp) 开放服务
"HTTP proxy server"服务可能运行于该端口.
NESSUS_ID : 10330
提示 http (80/tcp) 开放服务
"http"服务可能运行于该端口.
NESSUS_ID : 10330
提示 https (443/tcp) 开放服务
"https"服务可能运行于该端口.
NESSUS_ID : 10330
提示 Windows Terminal Services (3389/tcp) 开放服务
"Windows Terminal Services"服务可能运行于该端口.
NESSUS_ID : 10330
提示 imap (143/tcp) 开放服务
"imap"服务可能运行于该端口.
NESSUS_ID : 10330
警告 discard (9/tcp) Discard端口开放
远程主机正在运行'discard'服务. 此服务建立一个监听套接字并忽略所有接接收到的数据.
目前此服务已不再使用, 因此告诫禁止此服务.
解决方案 :
- 在Unix系统, 注释/etc/inetd.conf文件中的'discard'行并重新启动inetd进程
- 在Windows系统, 将下列注册表项设置为0 :
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpDiscard
然后运行cmd.exe并键入如下命令来重新启动服务 :
net stop simptcp
net start simptcp
风险等级 : 低
___________________________________________________________________
The remote host is running a 'discard' service. This service
typically sets up a listening socket and will ignore all the
data which it receives.
This service is unused these days, so it is advised that you
disable it.
Solution :
- Under Unix systems, comment out the 'discard' line in /etc/inetd.conf
and restart the inetd process
- Under Windows systems, set the following registry key to 0 :
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpDiscard
Then launch cmd.exe and type :
net stop simptcp
net start simptcp
To restart the service.
Risk factor : Low
CVE_ID : CAN-1999-0636
NESSUS_ID : 11367
提示 discard (9/tcp) 开放服务
"discard"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6003/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 ms-sql-s (1433/tcp) 开放服务
"ms-sql-s"服务可能运行于该端口.
NESSUS_ID : 10330
提示 networked file system (2049/tcp) 开放服务
"networked file system"服务可能运行于该端口.
NESSUS_ID : 10330
提示 pop3 (110/tcp) 开放服务
"pop3"服务可能运行于该端口.
NESSUS_ID : 10330
提示 unknown (991/tcp) 开放服务
未知服务运行于该端口.
NESSUS_ID : 10330
提示 Windows XP UPNP (5000/tcp) 开放服务
"Windows XP UPNP"服务可能运行于该端口.
NESSUS_ID : 10330
提示 CVS network server (2401/tcp) 开放服务
"CVS network server"服务可能运行于该端口.
NESSUS_ID : 10330
提示 x11 X Window System (6005/tcp) 开放服务
"x11 X Window System"服务可能运行于该端口.
NESSUS_ID : 10330
提示 sunrpc (111/tcp) 开放服务
"sunrpc"服务可能运行于该端口.
NESSUS_ID : 10330
提示 domain (53/tcp) 开放服务
"domain"服务可能运行于该端口.
NESSUS_ID : 10330
提示 cmd (514/tcp) 开放服务
"cmd"服务可能运行于该端口.
NESSUS_ID : 10330
警告 unknown (8390/tcp) 检测xtux server
xtux server正运行在该端口上。如果攻击者连接该端口并发送垃圾数据,服务段程序可能会陷入死循环使CPU过载。
解决办法: 禁用该服务,至少起用防火墙保护
风险等级: 中
___________________________________________________________________
The xtux server might be running on this port. If somebody connects to
it and sends it garbage data, it may loop and overload your CPU.
Solution: disable it, or at least firewall it
Risk factor : Medium
CVE_ID : CVE-2002-0431
BUGTRAQ_ID : 4260
NESSUS_ID : 11016
提示 netbios-ns (137/udp) 使用NetBIOS探测Windows主机信息
如果NetBIOS端口(UDP:137)已经打开,
一个远程攻击者可以利用这个漏洞获得主机
的敏感信息,比如机器名,工作组/域名,
当前登陆用户名等。
解决方法:阻止这个端口的外部通信。
风险等级:中
___________________________________________________________________
The following 4 NetBIOS names have been gathered :
WWW-H1JR0HES1QG = This is the computer name registered for workstation services by a WINS client.
WORKGROUP = Workgroup / Domain name
WWW-H1JR0HES1QG = Computer name
WORKGROUP = Workgroup / Domain name (part of the Browser elections)
The remote host has the following MAC address on its adapter :
00:1b:22:03:b0:24
If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.
Risk factor : Low
CVE_ID : CAN-1999-0621
NESSUS_ID : 10150
警告 http-rpc-epmap (593/tcp) Microsoft RRPC接口缓冲区溢出漏洞(KB824146)
远程Windows主机的RPC接口存在缓冲区溢出漏洞。
该漏洞可导致远程攻击者以SYSTEM权限在系统中执行任意代码。
远程攻击者或蠕虫能据此获得主机的控制权。
注意:此BUG不同于NMS03-026,NMS03-026漏洞造成了'MSBlast' (又名LoveSan)蠕虫泛滥
解决方案:参考 [url]http://www.microsoft.com/technet/security/bulletin/MS03-039.asp[/url]
风险等级 : 高
___________________________________________________________________
Network problems stopped us from finding out if the host is vulnerable to MS03-039 or not. Diagnostic = main: dcom_recv
CVE_ID : CAN-2003-0715, CAN-2003-0528, CAN-2003-0605
BUGTRAQ_ID : 8458, 8460
NESSUS_ID : 11835
Other references : IAVA:2003-A-0012
漏洞 unknown (3067/tcp) Korgo蠕虫检测
远程主机可能被Korgo蠕虫感染;通过TCP端口445 上的LSASS弱点衍生(就像微软安全公告MS04-011上描述的一样),打开TCP端口113和3067的后门;参见[url]http://securityresponse.symantec.com/avcenter/venc/data/w32.korgo.c.html[/url]
[url]http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx[/url]
方案:;通过使用防火墙禁止访问端口445;加打微软MS04-011补丁;风险级别:高
___________________________________________________________________
The remote host is probably infected with Korgo worm.
It propagates by exploiting the LSASS vulnerability on TCP port 445
(as described in Microsoft Security Bulletin MS04-011)
and opens a backdoor on TCP ports 113 and 3067.
See also :
[url]http://securityresponse.symantec.com/avcenter/venc/data/w32.korgo.c.html[/url]
[url]http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx[/url]
Solution:
- Disable access to port 445 by using a firewall
- Apply Microsoft MS04-011 patch.
Risk factor : High
NESSUS_ID : 12252
警告 unknown (256/tcp) Checkpoint FW-1 identification
The remote host has the three tcp ports 256, 257 and 258
open.
It's very likely that this host is a Checkpoint Firewall/1.
Letting attackers know that you are running FW/1 will
help them to focus their attack or will make them
change their strategy.
You should not let them know such information.
Solution : do not allow any connection on the
firewall itself, except for the firewall
protocol, and allow that for trusted sources
only.
If you have a router which performs packet
filtering, then add ACL that disallows the
connection to these ports for unauthorized
systems.
See also : [url]http://www.phoneboy.com/fom-serve/cache/405.html[/url]
Risk factor : Low
NESSUS_ID : 10044
警告 unknown (257/tcp) Checkpoint FW-1 identification
The remote host has the three tcp ports 256, 257 and 258
open.
It's very likely that this host is a Checkpoint Firewall/1.
Letting attackers know that you are running FW/1 will
help them to focus their attack or will make them
change their strategy.
You should not let them know such information.
Solution : do not allow any connection on the
firewall itself, except for the firewall
protocol, and allow that for trusted sources
only.
If you have a router which performs packet
filtering, then add ACL that disallows the
connection to these ports for unauthorized
systems.
See also : [url]http://www.phoneboy.com/fom-serve/cache/405.html[/url]
Risk factor : Low
NESSUS_ID : 10044
警告 unknown (258/tcp) Checkpoint FW-1 identification
The remote host has the three tcp ports 256, 257 and 258
open.
It's very likely that this host is a Checkpoint Firewall/1.
Letting attackers know that you are running FW/1 will
help them to focus their attack or will make them
change their strategy.
You should not let them know such information.
Solution : do not allow any connection on the
firewall itself, except for the firewall
protocol, and allow that for trusted sources
only.
If you have a router which performs packet
filtering, then add ACL that disallows the
connection to these ports for unauthorized
systems.
See also : [url]http://www.phoneboy.com/fom-serve/cache/405.html[/url]
Risk factor : Low
NESSUS_ID : 10044
警告 unknown (36794/tcp) Bugbear蠕虫
BugBear后门正在该端口监听.
远程攻击者可以连接到该端口以获得该主机的敏感信息
例如密码信息或者信用卡账号...
BugBear蠕虫自身包含有一个键盘纪录器并且可以终止
反病毒软件或者个人防火墙的进程. 同时还可以通过邮件或Windows共享传播自身.
反病毒厂商对其的命名还包括: Tanatos,
I-Worm.Tanatos, NATOSTA.A, W32/Bugbear-A, Tanatos, W32/Bugbear@MM,
WORM_BUGBEAR.A, Win32.BugBear...
[url]http://www.sophos.com/virusinfo/analyses/w32bugbeara.html[/url]
[url]http://www.ealaddin.com/news/2002/esafe/bugbear.asp[/url]
[url]http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.html[/url]
[url]http://vil.nai.com/vil/content/v_99728.htm[/url]
参考资源 : [url]http://online.securityfocus.com/news/1034[/url]
参考资源 : [url]http://support.microsoft.com/default.aspx?scid=KB[/url]
en-us
329770&
解决方案:
- 使用反病毒软件清除该蠕虫.
- 关闭Windows共享
- 升级IE浏览器
参见 '不正确的MIME标题会导致IE执行电子邮件附件'
[url]http://www.microsoft.com/technet/security/bulletin/MS01-020.asp[/url]
风险等级 : 待定
___________________________________________________________________
This port is usualy used by the BugBear backdoor.
Although Nessus was unable to get an answer from the worm,
you'd better check your machine with an up to date
antivirus scanner.
Risk factor: Medium
CVE_ID : CVE-2001-0154
BUGTRAQ_ID : 2524
NESSUS_ID : 11135
漏洞 X Font Service (7100/tcp) XFont Service缓冲区溢出
远程X Font Service (xfs) 存在缓冲区溢出漏洞。攻击者可以利用这个漏洞远程获得主机管理员权限。
解决方案:参见CERT Advisory CA-2002-34
风险等级:高
___________________________________________________________________
The remote X Font Service (xfs) might be vulnerable to a buffer
overflow.
An attacker may use this flaw to gain root on this host
remotely.
*** Note that Nessus did not actually check for the flaw
*** as details about this vulnerability are still unknown
Solution : See CERT Advisory CA-2002-34
Risk factor : High
CVE_ID : CAN-2002-1317
BUGTRAQ_ID : 6241
NESSUS_ID : 11188
漏洞 unknown (7101/tcp) xfstt存在有执行代码
远程TrueType字体服务(xfstt)有一个漏洞,
可以执行引起这个服务缓冲区溢出的代码。
并可以获得一个系统管理员账号,可以利用这个漏洞的一个攻击来获得,
可以完全拒绝X11工作
修补这个漏洞的办法 : 升级到最新版本的xfstt
风险等级: 高
___________________________________________________________________
The remote X Font Service for TrueType (xfstt) might be vulnerable to a buffer
overflow which may lead to code execution or a denial of service.
An attacker may use this flaw to gain root on this host
remotely or prevent X11 from working properly.
*** Note that Nessus did not actually check for the flaw
*** so this might be a false positive
Solution : Upgrade to the latest version of xfstt
Risk factor : High
CVE_ID : CAN-2003-0581
BUGTRAQ_ID : 8182
NESSUS_ID : 11814
--------------------------------------------------------------------------------
未知驱动探索,专注成就专业