CVE-2002-0180
CVSS 7.5
Published: 2002-04-22 00:00:00
Last revised: 2016-10-17 22:16:50

[Original] Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname.


[CNNVD] Bradford Barrett Webalizer reverse DNS lookup buffer overflow vulnerability (CNNVD-200204-030)

        
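        Webalizer is a web server log file analysis program that produces static statistics from a web site's logs; the analysis covers referrer information, browser information, site hits, files accessed and so on. These log files are generated in HTML format, so administrators can view them in a web browser.
        Webalizer has a flaw in its handling of reverse DNS lookups that can lead to a buffer overflow attack.
        If Webalizer's reverse DNS lookup feature is enabled (it is off by default), a flaw in the reverse lookup code lets an attacker craft a malicious DNS response that triggers a buffer overflow in Webalizer, allowing the attacker to execute arbitrary code with the privileges of the Webalizer process.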
        

- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:bradford_barrett:webalizer:2.0.1.6
cpe:/a:bradford_barrett:webalizer:2.0.1.9

- OVAL (technical details for detection)

No related OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0180
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0180
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200204-030
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=101888467527673&w=2
(UNKNOWN)  BUGTRAQ  20020415 Remote buffer overflow in Webalizer
http://www.kb.cert.org/vuls/id/582923
(UNKNOWN)  CERT-VN  VU#582923
http://www.mrunix.net/webalizer/news.html
(VENDOR_ADVISORY)  CONFIRM  http://www.mrunix.net/webalizer/news.html
http://www.securityfocus.com/bid/4504
(UNKNOWN)  BID  4504
http://xforce.iss.net/xforce/xfdb/8837
(UNKNOWN)  XF  webalizer-reverse-dns-bo(8837)

- Vulnerability information

Bradford Barrett Webalizer reverse DNS lookup buffer overflow vulnerability
High risk  Boundary condition error
2002-04-22 00:00:00 2005-10-20 00:00:00
Remote
        
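        Webalizer is a web server log file analysis program that produces static statistics from a web site's logs; the analysis covers referrer information, browser information, site hits, files accessed and so on. These log files are generated in HTML format, so administrators can view them in a web browser.
        Webalizer has a flaw in its handling of reverse DNS lookups that can lead to a buffer overflow attack.
        If Webalizer's reverse DNS lookup feature is enabled (it is off by default), a flaw in the reverse lookup code lets an attacker craft a malicious DNS response that triggers a buffer overflow in Webalizer, allowing the attacker to execute arbitrary code with the privileges of the Webalizer process.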
        

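- Advisories and patches

        Workaround:
        If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
        * Do not enable reverse DNS lookups until the system has been patched.
        Vendor patch:
        Bradford Barrett
        ----------------
        The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: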
        
        http://www.mrunix.net/webalizer/

- Vulnerability information

3869
Webalizer Reverse DNS Lookup Overflow
Remote / Network Access Input Manipulation
Loss of Integrity

- Vulnerability description

Webalizer contains a flaw that allows a remote attacker to execute arbitrary code on the host running the software. The issue is due to an unchecked buffer in the DNS lookup code that does not properly handle long DNS names obtained from reverse lookups. If an attacker has control of a DNS server, they can create a specially crafted DNS entry that would be processed by Webalizer and allow remote code to be executed.

- Timeline

2002-04-15 Unknown
Unknown Unknown

- Solution

Upgrade to version 2.01-10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Bradford Barrett Webalizer Reverse DNS Buffer Overflow Vulnerability
Boundary Condition Error 4504
Yes No
2002-04-15 12:00:00 2009-07-11 11:56:00
Discovered by Spybreak <spybreak@host.sk>.

- Affected program versions

Bradford Barrett Webalizer 2.0.1 -09
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
Bradford Barrett Webalizer 2.0.1 -06
- Apple Mac OS X 10.0
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
- SGI IRIX 4.0
- Sun Solaris 7.0
Bradford Barrett Webalizer 2.0.1 -04
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
Bradford Barrett Webalizer 2.0.1 -01
+ EnGarde Secure Linux 1.0.1
Bradford Barrett Webalizer 1.30 -04
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
Bradford Barrett Webalizer 2.0.1 -10

- Unaffected program versions

Bradford Barrett Webalizer 2.0.1 -10

- Vulnerability discussion

Webalizer is a web server log file program, which generates web site statistic log files. Log files produced include referrer information, browser information, web site Hits, Files accessed etc. These log files are generated in HTML format, so administrators can view them in a web browser.

A remote buffer overflow vulnerability has been reported in some versions of Webalizer. A malicious DNS server may exploit this condition if reverse DNS lookups are enabled.

The vendor has reported that this vulnerability is not exploitable for code execution, due to both memory layout of the process and character restrictions on the injected data. However some denial of service attacks may be possible.

- Exploit

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Updated versions are available:


Bradford Barrett Webalizer 1.30 -04

Bradford Barrett Webalizer 2.0.1 -04

Bradford Barrett Webalizer 2.0.1 -01

Bradford Barrett Webalizer 2.0.1 -09

Bradford Barrett Webalizer 2.0.1 -06

- Related references

 

 
