Published: 2000-06-14 00:00:00
Revised: 2008-09-05 16:21:16

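[Original text] The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000.

[CNNVD] Network Associates PGP Certificate Server Unresolvable IP Address DoS Vulnerability (CNNVD-200006-057)

        The command port of PGP Certificate Server versions 2.5.0 and 2.5.1 contains a vulnerability. A remote attacker can exploit it to cause a denial of service if their hostname has no reverse DNS entry and they connect to port 4000.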

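- CVSS (Base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interruptions in resource availability]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]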

- CPE (Affected platforms and products)

cpe:/a:pgp:certificate_server:2.5    PGP PGP Certificate Server 2.5
cpe:/a:pgp:certificate_server:2.5.1    PGP PGP Certificate Server 2.5.1

- OVAL (Technical details for detection)


- Official database links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other links and resources
(VENDOR_ADVISORY)  XF  pgp-cert-server-dos
(VENDOR_ADVISORY)  BUGTRAQ  20000614 Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability

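- Vulnerability information

Network Associates PGP Certificate Server Unresolvable IP Address DoS Vulnerability
Medium risk    Other
2000-06-14 00:00:00 2006-09-22 00:00:00
        The command port of PGP Certificate Server versions 2.5.0 and 2.5.1 contains a vulnerability. A remote attacker can exploit it to cause a denial of service if their hostname has no reverse DNS entry and they connect to port 4000.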

- Advisories and patches

        Network Associates has released a patch which rectifies this issue. It is currently available at:

- Vulnerability information

NAI PGP Certificate Server Unresolvable IP DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- Vulnerability description

PGP Certificate Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker connects to port 4000 from an IP address that doesn't resolve, and will result in loss of availability for the service.

- Timeline

2000-06-14 Unknown
2000-06-14 Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Network Associates has released a patch to address this vulnerability.

- Related references

- Vulnerability author

- Vulnerability information

Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
Failure to Handle Exceptional Conditions 1343
Yes Yes
2000-06-14 12:00:00 2009-07-11 02:56:00
Discovered by and posted to Bugtraq on June 13, 2000 by Ussr Labs.

- Affected program versions

Network Associates PGP Certificate Server 2.5
- Microsoft Windows NT 4.0
- Sun Solaris 2.5.1
Microsoft Virtual Machine for Macintosh 2.5.1
- Microsoft Windows NT 4.0
- Sun Solaris 2.5.1

- Vulnerability discussion

PGP Certificate Server by default listens on port 4000 to allow remote server management and on port 5000 for PGP replication. If the server is unable to resolve the IP address of a machine connecting to either port to a hostname, the service may crash with an error message warning that memory at address 0x00000000 could not be read.

- Exploit

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at:

- Solution

Network Associates has released a patch which rectifies this issue. It is currently available at:

- Related references