CVE-1999-0004
CVSS 5.0
Published: 1997-12-16 00:00:00
Last modified: 2008-09-09 08:33:31

[Original] MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.


[CNNVD] Multiple Vendor MIME-aware Mail and News Clients Vulnerability (CNNVD-199712-011)

        A MIME buffer overflow vulnerability exists in email clients, e.g. mailtool and Outlook.

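- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions for exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)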

cpe:/a:university_of_washington:pine:4.02
cpe:/o:sco:unixware:7.0
cpe:/a:hp:dtmail (HP dtmail)

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0004
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0004
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199712-011
(Official data source) CNNVD

- Other links and resources

http://www.microsoft.com/technet/security/bulletin/ms98-008.asp
(UNKNOWN)  MS  MS98-008

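- Vulnerability information

Multiple Vendor MIME-aware Mail and News Clients Vulnerability
Medium severity  Buffer overflow
1997-12-16 00:00:00 2005-10-20 00:00:00
Remote
        A MIME buffer overflow vulnerability exists in email clients, e.g. mailtool and Outlook.

- Advisories and patches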

        Patches and upgrades exist for most of the popular packages which were affected by this problem. CERT advisory CA-98.10.mime_buffer_overflows details individual vendor responses to the problem. In addition, it gives references to a number of solutions that eliminate externally originating mail attempting to exploit this vulnerability by filtering at the SMTP server. Such filtering, however, should not be considered a solution, but rather a temporary measure until all possibly affected systems can be patched.
        Mutt versions up to and including 0.93.1(i) are vulnerable. The bug has been fixed as of mutt 0.93.2(i). A patch was distributed on Usenet on July 29, 1998.
        Users of older versions should upgrade as soon as possible. Mutt 0.93.2(i) is available from ftp://ftp.guug.de/pub/mutt/

- Vulnerability information

5708
Multiple E-mail Client Long File Name MIME Overflow
Remote / Network Access Input Manipulation
Loss of Confidentiality, Loss of Integrity

- Vulnerability description

A remote overflow exists in several mail user agents (MUAs). The MUAs fail to properly cope with tags that identify an attachment, resulting in a buffer overflow. With a specially crafted e-mail, an attacker can potentially execute arbitrary code resulting in a loss of confidentiality and/or integrity.

- Timeline

1998-07-27 1998-06-29
Unknown Unknown

- Solution

Upgrade to the fixed version of the installed MUA as given in the vendor advisories; these versions have been reported to fix this vulnerability. An upgrade is required because there are no known client-side workarounds. Sendmail has released a patch that can be applied as a workaround where Sendmail is used as the MTA. The patch is listed in the external references.

- References

- Vulnerability credit

- Vulnerability information

Multiple Vendor Buffer Overflow in MIME-aware Mail and News Clients Vulnerability
Boundary Condition Error 125
No No
1998-07-03 12:00:00 2009-07-11 12:16:00
The vulnerability was discovered by Marko Laakso and Ari Takanen of the Secure Programming Group of the University of Oulu. It was first reported to the public July 3rd, 1998 on the Bugtraq and NT Bugtraq mailing lists.

- Affected program versions

University of Washington Pine 4.0.2
Sun Solaris 2.5.1
Sun Solaris 2.6
Sun Solaris 2.5
Netscape Communicator 4.5 BETA
Netscape Communicator 4.5
- Caldera OpenLinux Desktop 2.3
- Caldera OpenLinux eBuilder 3.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.0
- Conectiva Linux 3.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- Mandriva Linux Mandrake 6.1
- Mandriva Linux Mandrake 6.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.1 sparc
- RedHat Linux 6.1 i386
- RedHat Linux 6.1 alpha
- RedHat Linux 6.0 sparc
- RedHat Linux 6.0 alpha
- RedHat Linux 6.0
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3
Netnation Communications Secure Locate 4.5
Mutt Mutt 0.93.1 (i)
MIT Kerberos 5 0.93.1 (i)
Microsoft Outlook Express 4.72.2106
Microsoft Outlook Express 4.27.3110
Microsoft Outlook 98 0
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
HP dtmail 1.2
Netscape Communicator 4.5
- Caldera OpenLinux Desktop 2.3
- Caldera OpenLinux eBuilder 3.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.0
- Conectiva Linux 3.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- Mandriva Linux Mandrake 6.1
- Mandriva Linux Mandrake 6.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.1 sparc
- RedHat Linux 6.1 i386
- RedHat Linux 6.1 alpha
- RedHat Linux 6.0 sparc
- RedHat Linux 6.0 alpha
- RedHat Linux 6.0
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3
Netscape Communicator 4.06
- Caldera OpenLinux Desktop 2.3
- Caldera OpenLinux eBuilder 3.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.0
- Conectiva Linux 3.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- Mandriva Linux Mandrake 6.1
- Mandriva Linux Mandrake 6.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.1 sparc
- RedHat Linux 6.1 i386
- RedHat Linux 6.1 alpha
- RedHat Linux 6.0 sparc
- RedHat Linux 6.0 alpha
- RedHat Linux 6.0
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3
Mutt Mutt 0.93.2 (i)

- Unaffected program versions

Netscape Communicator 4.5
- Caldera OpenLinux Desktop 2.3
- Caldera OpenLinux eBuilder 3.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.0
- Conectiva Linux 3.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- Mandriva Linux Mandrake 6.1
- Mandriva Linux Mandrake 6.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.1 sparc
- RedHat Linux 6.1 i386
- RedHat Linux 6.1 alpha
- RedHat Linux 6.0 sparc
- RedHat Linux 6.0 alpha
- RedHat Linux 6.0
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3
Netscape Communicator 4.06
- Caldera OpenLinux Desktop 2.3
- Caldera OpenLinux eBuilder 3.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Conectiva Linux 4.0
- Conectiva Linux 3.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- Mandriva Linux Mandrake 6.1
- Mandriva Linux Mandrake 6.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- RedHat Linux 6.1 sparc
- RedHat Linux 6.1 i386
- RedHat Linux 6.1 alpha
- RedHat Linux 6.0 sparc
- RedHat Linux 6.0 alpha
- RedHat Linux 6.0
- RedHat Linux 5.2 sparc
- RedHat Linux 5.2 i386
- RedHat Linux 5.2 alpha
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3
Mutt Mutt 0.93.2 (i)

- Vulnerability discussion

A buffer overflow exists in a number of MIME (Multipurpose Internet Mail Extensions) aware email clients that could allow an attacker to execute arbitrary commands on the machine to which the mail was delivered. In some situations it was not necessary to view the malicious piece of mail.

A field in the MIME specification for mailing files contains the filename of the attached file. By carefully crafting a long filename, an attacker could overrun the end of a statically allocated buffer, and cause the remote machine to execute arbitrary commands. While a majority of the publicity surrounding this bug was directed towards the presence of this vulnerability in Netscape Navigator and Internet Explorer under Microsoft based operating systems, similar flaws existed in a number of other products and operating systems.

Fortunately, this vulnerability was discovered and fixed before it could cause any widespread damage. Due to its widespread nature, however, it is important to ensure that all mail clients that are suspect be brought up to their latest patch levels.
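The attachment filename field described above can be length-checked at the mail gateway, which is the kind of SMTP-side filtering the advisory text refers to. The following is an added example, not code from the advisory or from any vendor patch; the 255-character limit, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes
from email.policy import compat32

MAX_NAME_LEN = 255  # assumed site policy, not a figure from the advisory

# (header, parameter) pairs that can carry an attachment's file name
NAME_PARAMS = (("Content-Disposition", "filename"), ("Content-Type", "name"))


def oversized_attachment_names(raw, limit=MAX_NAME_LEN):
    """Return (part_index, header, param, length) for each over-long name."""
    msg = message_from_bytes(raw, policy=compat32)
    findings = []
    for idx, part in enumerate(msg.walk()):
        for header, param in NAME_PARAMS:
            value = part.get_param(param, header=header)
            if value is None:
                continue
            if isinstance(value, tuple):  # RFC 2231: (charset, language, value)
                value = value[2]
            if len(value) > limit:
                findings.append((idx, header, param, len(value)))
    return findings


def build_sample(name):
    """Constructed test message with one attachment called `name`."""
    return (
        "From: a@example.test\r\n"
        "To: b@example.test\r\n"
        "Subject: constructed sample\r\n"
        "MIME-Version: 1.0\r\n"
        'Content-Type: multipart/mixed; boundary="b1"\r\n'
        "\r\n"
        "--b1\r\n"
        "Content-Type: text/plain\r\n\r\nhello\r\n"
        "--b1\r\n"
        f'Content-Type: application/octet-stream; name="{name}"\r\n'
        f'Content-Disposition: attachment; filename="{name}"\r\n'
        "\r\nAAAA\r\n"
        "--b1--\r\n"
    ).encode("ascii")


if __name__ == "__main__":
    for label, name in (("normal", "report.txt"), ("long", "A" * 600)):
        hits = oversized_attachment_names(build_sample(name))
        print(label, "REJECT" if hits else "accept", hits)
```

Both the `Content-Disposition` and the `Content-Type` header are checked because either can carry the name a client later copies into its own buffer.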

- Exploit

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- References
