Published: 2002-03-08 00:00:00
Revised: 2008-09-10 00:00:00

[Original] Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.

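[CNNVD] Windows SNMP Agent Service Buffer Overflow Vulnerability (CNNVD-200203-006)

A buffer overflow vulnerability exists in the SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP. A remote attacker can cause a denial of service or execute arbitrary code via a malformed management request.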

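- CVSS (Base Score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [information disclosure is very likely]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CWE (Weakness Category)

CWE-119 [Improper Restriction of Operations within the Bounds of a Memory Buffer]

- CPE (Affected Platforms and Products)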

cpe:/o:microsoft:windows_2000 Microsoft Windows 2000
cpe:/o:microsoft:windows_95 Microsoft Windows 95
cpe:/o:microsoft:windows_98::gold Microsoft windows 98_gold
cpe:/o:microsoft:windows_xp::gold Microsoft windows xp_gold
cpe:/o:microsoft:windows_nt:4.0 Microsoft Windows NT 4.0
cpe:/o:microsoft:windows_98se Microsoft windows 98_se

- OVAL (Technical Details for Detection)

oval:org.mitre.oval:def:402 SNMP Request Handling Buffer Overflow
oval:org.mitre.oval:def:209 SNMP Agent Service Buffer Overflow

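- Official Database Links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other Links and Resources

- Vulnerability Information

Windows SNMP Agent Service Buffer Overflow Vulnerability
High risk, buffer overflow
2002-03-08 00:00:00 2005-10-31 00:00:00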

- Advisories and Patches

- Vulnerability Information

Multiple Vendor Malformed SNMP Management Request Remote Overflow
Remote / Network Access Denial of Service, Information Disclosure, Infrastructure, Input Manipulation
Loss of Confidentiality, Loss of Integrity, Loss of Availability
Exploit Public

- Vulnerability Description

Multiple implementations of SNMP contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an overflow occurs. This flaw may lead to a loss of Confidentiality, Integrity and Availability.

- Timeline

2002-02-12 Unknown
Unknown Unknown

- Solution

The solution is to disable SNMP where it is not needed. If SNMP is used, it is recommended that you go to your vendor's website and download the patch if your product appears in the CERT document.

- References

- Vulnerability Author