CVE-2002-0320
CVSS7.5
发布时间 :2002-06-25 00:00:00
修订时间 :2016-10-17 22:19:04
NMCOS    

[原文]Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.


[CNNVD]Yahoo! Messenger IMvironment域溢出漏洞(CNNVD-200206-083)

        
        Yahoo! Messenger是Yahoo's instant messaging service的客户端工具,此次受影响的是微软Windows操作系统上运行的某些版本。
        据报告,通过5101端口发送异常报文,可能导致Yahoo Messenger client的IMvironment域发生缓冲区溢出并最终崩溃。
        值得注意的是,攻击者无法通过标准Yahoo Messenger client达到目的,这里已经做了一定限制。必须自己编写符合Yahoo Messenger protocol的程序。攻击潜在允许远程执行任意指令,然而尚未得到证实。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0320
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0320
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200206-083
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=101439616623230&w=2
(UNKNOWN)  BUGTRAQ  20020221 Remote crashes in Yahoo messenger
http://www.cert.org/advisories/CA-2002-16.html
(UNKNOWN)  CERT  CA-2002-16
http://www.iss.net/security_center/static/8264.php
(VENDOR_ADVISORY)  XF  yahoo-messenger-message-bo(8264)
http://www.iss.net/security_center/static/8265.php
(VENDOR_ADVISORY)  XF  yahoo-messenger-imvironment-bo(8265)
http://www.kb.cert.org/vuls/id/419419
(UNKNOWN)  CERT-VN  VU#419419
http://www.kb.cert.org/vuls/id/887319
(UNKNOWN)  CERT-VN  VU#887319
http://www.securityfocus.com/bid/4162
(UNKNOWN)  BID  4162
http://www.securityfocus.com/bid/4163
(UNKNOWN)  BID  4163

- 漏洞信息

Yahoo! Messenger IMvironment域溢出漏洞
高危 边界条件错误
2002-06-25 00:00:00 2005-10-20 00:00:00
远程  
        
        Yahoo! Messenger是Yahoo's instant messaging service的客户端工具,此次受影响的是微软Windows操作系统上运行的某些版本。
        据报告,通过5101端口发送异常报文,可能导致Yahoo Messenger client的IMvironment域发生缓冲区溢出并最终崩溃。
        值得注意的是,攻击者无法通过标准Yahoo Messenger client达到目的,这里已经做了一定限制。必须自己编写符合Yahoo Messenger protocol的程序。攻击潜在允许远程执行任意指令,然而尚未得到证实。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        没有合适的临时解决方法。
        厂商补丁:
        Yahoo!
        ------
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://messenger.yahoo.com/

- 漏洞信息

6866
Yahoo! Messenger Long Message Overflow
Remote / Network Access Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown

- 漏洞描述

A remote overflow exists in Yahoo Messenger. Yahoo Messenger fails to validate the length of the message field of the Yahoo protocol resulting in a buffer overflow. With a specially crafted request, an attacker can cause the victim's Messenger client to crash resulting in a loss of availability.

- 时间线

2002-02-21 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 5.0 Build 1065 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Yahoo! Messenger IMvironment Field Overflow Vulnerability
Boundary Condition Error 4163
Yes No
2002-02-21 12:00:00 2009-07-11 10:56:00
This issue was reported to BugTraq on February 21st, 2002 by "Scott Woodward" <scott@phoenixtechie.com>.

- 受影响的程序版本

Yahoo! Messenger 5.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home

- 漏洞讨论

Yahoo! Messenger is the main client for Yahoo's instant messaging service. The affected version runs on Microsoft Windows operating systems.

It is reportedly possible to crash the Yahoo Messenger client by overflowing the IMvironment field. The client communicates via port 5101.

It is important to note that the attacker would need to construct a malicious client which uses the Yahoo Messenger protocol to successfully exploit this issue, as the existing Yahoo Messenger client proactively limits the length of message fields that are sent.

This vulnerability may be the result of a buffer overflow, potentially allowing for execution of arbitrary attacked-supplied instructions on the host running the vulnerable client. However, this possibility has not been confirmed.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站