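I looked into the scope of impact of the leaked NSA hacking tools
New mass leak of "NSA hacking tools," including exploitation of Windows vulnerabilities - ITmedia Enterprise
As for the other three, it stated that the attacks could not be reproduced on supported platforms, and explained that "Windows 7 and later versions of Windows, or Exchange 2010 and later versions of Exchange, are not at risk."
So, just to be sure, I looked into it.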
Code Name | News | Microsoft |
ESKIMOROLL | a Kerberos exploit targeting Windows 2000, Server 2003, Server 2008 and Server 2008 R2 domain controllers. | MS14-068 |
EMPHASISMINE | remote IMAP exploit for later versions of Lotus Domino. | - |
ETERNALROMANCE | remote SMB1 network file server exploit targeting Windows XP, Server 2003, Vista, Windows 7, Windows 8, Server 2008, and Server 2008 R2. This is yet another reason to stop using SMB1 - it's old and vulnerable. | MS17-010 |
ETERNALBLUE | another SMB1 and SMB2 exploit. Below is a video showing ETERNALBLUE compromising a Windows 2008 R2 SP1 x64 host via FUZZBUNCH to install a remote command execution tool called DOUBLEPULSAR. | MS17-010 |
ETERNALCHAMPION | SMB2 exploit. ERRATICGOPHER, an SMB exploit targeting Windows XP and Server 2003. | CVE-2017-0146, CVE-2017-0147 |
ETERNALSYNERGY | remote code execution exploit against SMB3 that potentially works against operating systems as recent as Windows Server 2012. | MS17-010 |
EMERALDTHREAD | SMB exploit that drops a Stuxnet-style implant on systems. , a remote | MS10-061 |
ESTEEMAUDIT | RDP exploit targeting Windows Server 2003 and Windows XP to install hidden spyware. | - |
EXPLODINGCAN | IIS 6 exploit that targets WebDav on Server 2003 only. | - |
ErraticGopher | SMB exploit, targets XP and 2003 | prior to the release of Windows Vista |
OddJob | implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected | - |
EasyBee | exploit for MDaemon private email server | - |
EducatedScholar | SMB v2 | MS09-050 |
FuzzBunch | an exploit framework, similar to MetaSploit | - |
EclipsedWing | SMB exploit for 2000, 2003 and XP | MS08-067 |
EnglishMansDentist | appears to use OWA and SMTP, maybe remote rule trigger on client | - |
EwokFrenzy | Lotus Domino 6 & 7 exploit | - |
ZippyBeer | Microsoft Domain Controller exploit | - |
DoublePulsar | SMB | MS17-010 ? |
Easypi | Lotus cc:Mail exploit | - |
EARLYSHOVEL | RedHat 7.0 - 7.1 Sendmail 8.11.x exploit | - |
ECHOWRECKER | remote Samba 3.0.x Linux exploit. | - |
EBBISLAND (EBBSHAVE) | root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86. | - |
EPICHERO | 0-day exploit (RCE) for Avaya Call Server | - |
ETRE | an exploit for IMail 8.10 to 8.22 | - |
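The entries in red are the ones confirmed to have no patch. (However, for XP 2009, some of them do have patches released.)
To put it correctly: there are hacking tools that also target Windows 7/8, but there is no problem as long as Windows Update has been applied.
That is what this shows.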