CVE-2000-0734
CVSS5.0
发布时间 :2000-10-20 00:00:00
修订时间 :2016-10-17 22:07:26
NMCOES    

[原文]eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.


[CNNVD]Eeye IRIS缓冲区溢出漏洞(CNNVD-200010-112)

        eEye IRIS 1.01 beta版本存在漏洞。远程攻击者可以借助大量UDP连接来导致服务拒绝。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:eeye_digital_security:iris:1.0.1
cpe:/a:spynet:capturenet:3.0.12

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0734
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0734
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200010-112
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=96774637326591&w=2
(UNKNOWN)  BUGTRAQ  20000831 Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12
http://www.securityfocus.com/bid/1627
(VENDOR_ADVISORY)  BID  1627

- 漏洞信息

Eeye IRIS缓冲区溢出漏洞
中危 边界条件错误
2000-10-20 00:00:00 2005-10-20 00:00:00
远程※本地  
        eEye IRIS 1.01 beta版本存在漏洞。远程攻击者可以借助大量UDP连接来导致服务拒绝。

- 公告与补丁

        The vendor has provided both a statement on this issue (attached in the 'Credit' section) and a work around:
        " The problem triggered by this "DoS" seems to result from filling packet buffers faster than Windows can paint them to the screen. If you are really worried about this, until Iris is out of beta and fixes the "problem", then we recommend you turn off Iris's Capture packet display feature and use Iris's decode view instead."

- 漏洞信息 (20184)

eEye Digital Security IRIS 1.0.1,SpyNet CaptureNet 3.0.12 Buffer Overflow (EDBID:20184)
windows remote
2000-08-31 Verified
0 Ussr Labs
N/A [点击下载]
source: http://www.securityfocus.com/bid/1627/info

IRIS from eEye Digital Security is a protocol analyzer geared towards network management, it is currently in BETA. This product was formerly known as SpyNet CaptureNet. Certain versions of the this software are vulnerable to a remotely triggered buffer overflow attack. This attack is orchestrated by a malicious user launching multiple UDP sessions to random ports on the machine which IRIS resides on (and is in operation on). The net result of this buffer overflow is that the product ceases to function and may drive system resources to 100% before exiting. It may be possible that this overflow (a heap overflow according to the attached advisory) could result in a system compromise. No information indicating that this is the case has been released.

http://www.exploit-db.com/sploits/20184.zip		

- 漏洞信息

58523
eEye IRIS UDP Connection Saturation Remote DoS
Remote / Network Access Denial of Service
Loss of Availability Solution Unknown
Exploit Public Vendor Disputed, Third-party Verified

- 漏洞描述

Iris contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious users send a overly large amount of UDP connections to random ports, and will result in loss of availability for the platform.

- 时间线

2000-09-01 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Eeye IRIS Buffer Overflow Vulnerability
Boundary Condition Error 1627
Yes Yes
2000-08-31 12:00:00 2009-07-11 02:56:00
This vulnerability was posted to the Bugtraq mailing list by Underground Security Systems Research (USSR Labs) on August 31, 2000.

- 受影响的程序版本

SpyNet CaptureNet 3.0.12
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows NT 4.0
eEye Digital Security IRIS 1.0.1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows NT 4.0

- 漏洞讨论

IRIS from eEye Digital Security is a protocol analyzer geared towards network management, it is currently in BETA. This product was formerly known as SpyNet CaptureNet. Certain versions of the this software are vulnerable to a remotely triggered buffer overflow attack. This attack is orchestrated by a malicious user launching multiple UDP sessions to random ports on the machine which IRIS resides on (and is in operation on). The net result of this buffer overflow is that the product ceases to function and may drive system resources to 100% before exiting. It may be possible that this overflow (a heap overflow according to the attached advisory) could result in a system compromise. No information indicating that this is the case has been released.

- 漏洞利用

x

- 解决方案

The vendor has provided both a statement on this issue (attached in the 'Credit' section) and a work around:

" The problem triggered by this "DoS" seems to result from filling packet buffers faster than Windows can paint them to the screen. If you are really worried about this, until Iris is out of beta and fixes the "problem", then we recommend you turn off Iris's Capture packet display feature and use Iris's decode view instead."

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站