CVE-2002-0351
CVSS7.5
发布时间 :2002-06-25 00:00:00
修订时间 :2008-09-10 20:01:00
NMCOS    

[原文]Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code.


[CNNVD]CFS多个缓冲区溢出漏洞(CNNVD-200206-093)

        
        加密文件系统(Cryptographic File System)是一个运行于Unix类系统上的一个文件系统加密软件包。
        CFS实现上存在多个缓冲区溢出漏洞,远程攻击者可能利用这些漏洞对程序实施拒绝服务攻击或在主机上以root身份执行任意命令。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:matt_blaze:cfs:1.3.3_ia32
cpe:/a:matt_blaze:cfs:1.3.3_m68k
cpe:/a:matt_blaze:cfs:1.3.3_arm
cpe:/a:matt_blaze:cfs:1.3.3_alpha
cpe:/a:matt_blaze:cfs:1.3.3_sparc
cpe:/a:matt_blaze:cfs:1.3.3_ppc
cpe:/a:matt_blaze:cfs:1.3.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0351
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0351
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200206-093
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2002/dsa-116
(VENDOR_ADVISORY)  DEBIAN  DSA-116
http://www.iss.net/security_center/static/8330.php
(VENDOR_ADVISORY)  XF  cfs-bo(8330)
http://www.securityfocus.com/bid/4219
(UNKNOWN)  BID  4219

- 漏洞信息

CFS多个缓冲区溢出漏洞
高危 边界条件错误
2002-06-25 00:00:00 2005-10-20 00:00:00
远程  
        
        加密文件系统(Cryptographic File System)是一个运行于Unix类系统上的一个文件系统加密软件包。
        CFS实现上存在多个缓冲区溢出漏洞,远程攻击者可能利用这些漏洞对程序实施拒绝服务攻击或在主机上以root身份执行任意命令。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 对cfsd服务端口设置访问过滤,只允许可信用户进行访问。
        厂商补丁:
        Debian
        ------
        Debian已经为此发布了一个安全公告(DSA-116-1)以及相应补丁:
        DSA-116-1:New CFS packages fix security problems
        链接:
        http://www.debian.org/security/2002/dsa-116

        补丁下载:
        Source archives:
        
        http://security.debian.org/dists/stable/updates/main/source/cfs_1.3.3-8.1.dsc

         MD5 checksum: 566d05bb6f71e3a5dd194a0ceb98952a
        
        http://security.debian.org/dists/stable/updates/main/source/cfs_1.3.3-8.1.diff.gz

         MD5 checksum: 7bb4cbf19e8c195f7302a025897fe44d
        
        http://security.debian.org/dists/stable/updates/main/source/cfs_1.3.3.orig.tar.gz

         MD5 checksum: cb4c5c107b77a50c25628f6655aae378
         Alpha architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-alpha/cfs_1.3.3-8.1_alpha.deb

         MD5 checksum: 2d5b24107abe81a09d5dbd213f0d890b
         ARM architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-arm/cfs_1.3.3-8.1_arm.deb

         MD5 checksum: 7712a474e4c67ce30b2a70b29a3f0f64
         Intel ia32 architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-i386/cfs_1.3.3-8.1_i386.deb

         MD5 checksum: 33651b606e1fa0dc15c9d7256580df84
         Motorola 680x0 architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-m68k/cfs_1.3.3-8.1_m68k.deb

         MD5 checksum: e6078a08a26fe831b3acfddcb6f3c8cd
         PowerPC architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-powerpc/cfs_1.3.3-8.1_powerpc.deb

         MD5 checksum: cc13eb33869b2682685b5f073cd33b3c
         Sun Sparc architecture:
        
        http://security.debian.org/dists/stable/updates/main/binary-sparc/cfs_1.3.3-8.1_sparc.deb

         MD5 checksum: 55ef017e1d3b2ca20fe5c0cf30479901
        补丁安装方法:
        1. 手工安装补丁包:
         首先,使用下面的命令来下载补丁软件:
         # wget url (url是补丁下载链接地址)
         然后,使用下面的命令来安装补丁:
         # dpkg -i file.deb (file是相应的补丁名)
        2. 使用apt-get自动安装补丁包:
         首先,使用下面的命令更新内部数据库:
         # apt-get update
        
         然后,使用下面的命令安装更新软件包:
         # apt-get upgrade

- 漏洞信息

14405
Cryptographic File System (CFS) cfsd Multiple Unspecified Remote Overflows
Remote / Network Access Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-03-02 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

CFS Multiple Buffer Overflow Vulnerabilities
Boundary Condition Error 4219
Yes No
2002-03-02 12:00:00 2009-07-11 10:56:00
Debian credits "Zorgon" with discovery (DSA-116-1).

- 受影响的程序版本

Matt Blaze cfs 1.3.3 Sparc
+ Debian Linux 2.2 sparc
Matt Blaze cfs 1.3.3 PPC
+ Debian Linux 2.2 powerpc
Matt Blaze cfs 1.3.3 m68k
+ Debian Linux 2.2 68k
Matt Blaze cfs 1.3.3 ia32
+ Debian Linux 2.2 IA-32
Matt Blaze cfs 1.3.3 ARM
+ Debian Linux 2.2 arm
Matt Blaze cfs 1.3.3 Alpha
+ Debian Linux 2.2 alpha
Matt Blaze cfs 1.3.3
+ Debian Linux 2.2
Matt Blaze cfs 1.4.1 -5
- Debian Linux 2.2 r3 unstable
- Debian Linux 2.2 r3 testing
Matt Blaze cfs 1.3.3 -8.1 Sparc
- Debian Linux 2.2 sparc
Matt Blaze cfs 1.3.3 -8.1 PPC
- Debian Linux 2.2 powerpc
Matt Blaze cfs 1.3.3 -8.1 m68k
- Debian Linux 2.2 68k
Matt Blaze cfs 1.3.3 -8.1 ia32
- Debian Linux 2.2 IA-32
Matt Blaze cfs 1.3.3 -8.1 ARM
- Debian Linux 2.2 arm
Matt Blaze cfs 1.3.3 -8.1 Alpha
- Debian Linux 2.2 alpha
Matt Blaze cfs 1.3.3 -8.1
- Debian Linux 2.2

- 不受影响的程序版本

Matt Blaze cfs 1.4.1 -5
- Debian Linux 2.2 r3 unstable
- Debian Linux 2.2 r3 testing
Matt Blaze cfs 1.3.3 -8.1 Sparc
- Debian Linux 2.2 sparc
Matt Blaze cfs 1.3.3 -8.1 PPC
- Debian Linux 2.2 powerpc
Matt Blaze cfs 1.3.3 -8.1 m68k
- Debian Linux 2.2 68k
Matt Blaze cfs 1.3.3 -8.1 ia32
- Debian Linux 2.2 IA-32
Matt Blaze cfs 1.3.3 -8.1 ARM
- Debian Linux 2.2 arm
Matt Blaze cfs 1.3.3 -8.1 Alpha
- Debian Linux 2.2 alpha
Matt Blaze cfs 1.3.3 -8.1
- Debian Linux 2.2

- 漏洞讨论

Cryptographic File System (CFS) for Unix is a file system encryption package. Versions prior to 1.3.3-8.1 are vulnerable to a number of buffer overflow issues. Whether or not these are exploitable to obtain privileges on the host is unknown at the present time. They can be used to initiate a denial of service condition against the encrypted file system, however.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Debian has provided fixed packages.


Matt Blaze cfs 1.3.3

Matt Blaze cfs 1.3.3 PPC

Matt Blaze cfs 1.3.3 m68k

Matt Blaze cfs 1.3.3 Alpha

Matt Blaze cfs 1.3.3 ia32

Matt Blaze cfs 1.3.3 Sparc

Matt Blaze cfs 1.3.3 ARM

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站