CVE-1999-0098
CVSS10.0
发布时间 :1998-04-01 00:00:00
修订时间 :2008-09-09 08:33:42
NMCOS    

[原文]Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.


[CNNVD]Sendmail命令SMTP HELO缓冲区溢出漏洞(CNNVD-199804-003)

        Sendmail命令的SMTP HELO存在缓冲区溢出。远程攻击者可以利用该漏洞隐藏活动。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:apple:appleshare::::jp
cpe:/a:slmail:slmail:2.6
cpe:/a:pmail:mercury_mail_serverMercury Mercury Mail Server

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0098
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0098
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199804-003
(官方数据源) CNNVD

- 其它链接及资源

- 漏洞信息

Sendmail命令SMTP HELO缓冲区溢出漏洞
危急 缓冲区溢出
1998-04-01 00:00:00 2010-12-02 00:00:00
远程  
        Sendmail命令的SMTP HELO存在缓冲区溢出。远程攻击者可以利用该漏洞隐藏活动。

- 公告与补丁

        

- 漏洞信息

205
Sendmail HELO Command Mail Identity Concealment

- 漏洞描述

Unknown or Incomplete

- 时间线

1998-01-10 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Sendmail SMTP HELO Argument Buffer Overflow Vulnerability
Boundary Condition Error 49431
Yes No
1998-04-01 12:00:00 1998-04-01 12:00:00
rootshell.com

- 受影响的程序版本

Sendmail Consortium Sendmail 8.14.4
Sendmail Consortium Sendmail 8.14.3
Sendmail Consortium Sendmail 8.13.8
Sendmail Consortium Sendmail 8.13.7
Sendmail Consortium Sendmail 8.13.6
Sendmail Consortium Sendmail 8.13.5
Sendmail Consortium Sendmail 8.13.4
Sendmail Consortium Sendmail 8.13.3
Sendmail Consortium Sendmail 8.13.2
Sendmail Consortium Sendmail 8.13.1
Sendmail Consortium Sendmail 8.12.11
Sendmail Consortium Sendmail 8.12.10
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux 8.1
+ Slackware Linux -current
+ Slackware Linux -current
+ Sun Solaris 9_x86
+ Sun Solaris 9
+ Sun Solaris 8_x86
+ Sun Solaris 8_sparc
+ Sun Solaris 7.0_x86
+ Sun Solaris 7.0
Sendmail Consortium Sendmail 8.12.9
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.8
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0 i386
+ Yellow Dog Linux 3.0
Sendmail Consortium Sendmail 8.12.7
+ OpenPKG OpenPKG 1.2
+ Slackware Linux 8.1
+ SOTLinux SOTLinux 2003 Desktop
+ SOTLinux SOTLinux 2003 Server
Sendmail Consortium Sendmail 8.12.6
+ Apple Mac OS X 10.2.4
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.7
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ OpenBSD OpenBSD 3.2
+ S.u.S.E. Linux 8.1
Sendmail Consortium Sendmail 8.12.5
+ Conectiva Linux 9.0
+ OpenBSD OpenBSD 3.2
Sendmail Consortium Sendmail 8.12.4
+ OpenBSD OpenBSD 3.2
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.3
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ FreeBSD FreeBSD 4.6
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Sendmail Consortium Sendmail 8.12.2
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ OpenBSD OpenBSD 3.1
Sendmail Consortium Sendmail 8.12.1
+ HP MPE/iX 7.5
+ HP MPE/iX 7.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Sendmail Consortium Sendmail 8.12 beta7
Sendmail Consortium Sendmail 8.12 beta5
Sendmail Consortium Sendmail 8.12 beta16
Sendmail Consortium Sendmail 8.12 beta12
Sendmail Consortium Sendmail 8.12 beta10
Sendmail Consortium Sendmail 8.12 .0
Sendmail Consortium Sendmail 8.11.7
Sendmail Consortium Sendmail 8.11.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ FreeBSD FreeBSD 4.5 -RELEASE
+ FreeBSD FreeBSD 4.5
+ FreeBSD FreeBSD 4.4
+ Immunix Immunix OS 7.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 6.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Sun Cobalt RaQ 550
+ Sun Linux 5.0.3
+ Sun Linux 5.0
Sendmail Consortium Sendmail 8.11.5
Sendmail Consortium Sendmail 8.11.4
+ Conectiva Linux 7.0
- Slackware Linux 8.0
Sendmail Consortium Sendmail 8.11.3
- MandrakeSoft Corporate Server 1.0.1
- Mandriva Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
- Slackware Linux 7.1
Sendmail Consortium Sendmail 8.11.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
Sendmail Consortium Sendmail 8.11.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 6.0
Sendmail Consortium Sendmail 8.11
+ Compaq Tru64 5.1 b
+ Compaq Tru64 5.1 a
+ Compaq Tru64 5.1
+ IBM AIX 5.2
+ IBM AIX 5.1
- Mandriva Linux Mandrake 7.2
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 7.0
+ SCO Open Server 5.0.6 a
+ SCO Open Server 5.0.6
+ SCO Open Server 5.0.5
+ SCO Open Server 5.0.4
Sendmail Consortium Sendmail 8.10.2
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt RaQ 4
+ Sun Cobalt RaQ XTR
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ4 3001R
Sendmail Consortium Sendmail 8.10.1
Sendmail Consortium Sendmail 8.10
Sendmail Consortium Sendmail 8.8.8
+ Compaq Tru64 4.0 g PK3 (BL17)
+ Compaq Tru64 4.0 f PK7 (BL18)
+ SGI IRIX 6.5.6
+ SGI IRIX 6.5.5
+ SGI IRIX 6.5.4
+ SGI IRIX 6.5.3
+ SGI IRIX 6.5.2
+ SGI IRIX 6.5.1
+ SGI IRIX 6.5
Sendmail Consortium Sendmail 5.65
Sendmail Consortium Sendmail 5.61
Sendmail Consortium Sendmail 5.59
Sendmail Consortium Sendmail 4.55
Sendmail Consortium Sendmail 4.1
Eric Allman Sendmail 8.11
Eric Allman Sendmail 8.10.1
Eric Allman Sendmail 8.10
Eric Allman Sendmail 8.8.5
Eric Allman Sendmail 8.8.4
Eric Allman Sendmail 8.8.3
Eric Allman Sendmail 8.8.2
Eric Allman Sendmail 8.8.1
Eric Allman Sendmail 8.8 .x
Eric Allman Sendmail 8.8
Eric Allman Sendmail 8.7.6
Eric Allman Sendmail 8.7.5
Eric Allman Sendmail 8.7.4
Eric Allman Sendmail 8.7.3
Eric Allman Sendmail 8.7.2
Eric Allman Sendmail 8.7.1
Eric Allman Sendmail 8.7 .x
Eric Allman Sendmail 8.6.10
Eric Allman Sendmail 8.6.9
Eric Allman Sendmail 8.6 .x
Eric Allman Sendmail 5.59
Eric Allman Sendmail 5.58
Sendmail Consortium Sendmail 8.9 .0

- 不受影响的程序版本

Sendmail Consortium Sendmail 8.9 .0

- 漏洞讨论

Sendmail is prone to an SMTP HELO command argument buffer overflow vulnerability.

The issue presents itself due to insufficient bounds checking performed when handling malicious SMTP HELO command arguments of excessive length. A remote attacker may exploit this condition to trigger a denial-of-service in the affected daemon.

Sendmail 8.8.8 is affected; earlier versions may also be vulnerable.

- 漏洞利用

The following proof of concept is available:

- 解决方案

Vendor updates are available. Please see the references for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站