Win2K Pro在安装过程中存在安全漏洞 Win2K Pro installation process in a security vulnerability

Release time for this security vulnerability February 16, 2000 by Stephane Aubert

影响的版本: Affects all versions:
Microsoft Windows 2000 Professional Microsoft Windows 2000 Professional
漏洞描述: Vulnerability Description:
根据Stephane的报道,在安装Win2K Pro的过程中任一用户都能够在不提供密码的情况下访问管理员帐号共享的ADMIN$共享,该ADMIN$共享被映射为Windows操作系统中的根目录.Stephane证实了在安装的过程中Administrator实际上是定义了的,但是,根据观测指出,该密码必须要到系统重新启动的时候才能够生效.在系统重新启动前这段时间内,任何人都可以使用一个空白的口令访问Administrator帐号.还没有被证实的是,这个漏洞是否能够被用来在这段时间内修改管理员帐号的密码. According to Stephane reports, in the process of installing Win2K Pro users are able to either do not provide a password to access the administrator account to share ADMIN $ share, the ADMIN $ share is mapped to the Windows operating system root directory. Stephane confirmed the Administrator in the installation process is actually defined, but, according to the observation that the password must be to restart the system when it can take effect in the system to restart before this time, anyone can use a blank password to access the Administrator account. has not been confirmed that this vulnerability can be used during this time to modify administrator account password.
这个问题指出:在安装到系统的网络层已经被激活而系统还没有重新启动的时候,入侵者可以通过网络 The problem pointed out: the installation of the network layer to the system has been activated and the system still does not restart when the intruder via the Web
控制你的Win2000系统.在这段时间内系统中所有的资源都有可能暴露. Control your Win2000 system, during which time all of the resources within the system are likely exposed.
Stephane使用"smbclient"工具证实了这个bug,该工具随SAMBA发布.下面是入侵的过程中输出的状态: Stephane use "smbclient" tool to confirm this bug, the tool with the SAMBA release. Here is the output of the process of invasion of the state:

% ./smbclient \\\\WINDOZE\\ADMIN$ -I xxx.yyy.zzz.ttt -U 'administrator' %. / Smbclient \ \ \ \ WINDOZE \ \ ADMIN $-I xxx.yyy.zzz.ttt-U 'administrator'
-d 0 -N -D 0-N

Unable to open configuration file "/usr/local/samba/lib/smb.conf"! Unable to open configuration file "/ usr / local / samba / lib / smb.conf"!
pm_process retuned false pm_process retuned false
Can't load /usr/local/samba/lib/smb.conf - run testparm to debug it Can't load / usr / local / samba / lib / smb.conf - run testparm to debug it
Domain=[GROAR] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] Domain = [GROAR] OS = [Windows 5.0] Server = [Windows 2000 LAN Manager]

smb: \> smb: \>