CVE-2002-0384
CVSS7.5
发布时间 :2002-10-04 00:00:00
修订时间 :2008-09-10 15:11:54
NMCOS    

[原文]Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.


[CNNVD]Gaim Jabber Plug-In缓冲区溢出漏洞(CNNVD-200210-025)

        Gaim client 0.58之前版本的Jabber plug-in存在缓冲区溢出漏洞。远程攻击者可以利用该漏洞执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:rob_flynn:gaim:0.51
cpe:/a:rob_flynn:gaim:0.56
cpe:/a:rob_flynn:gaim:0.53
cpe:/a:rob_flynn:gaim:0.54
cpe:/a:rob_flynn:gaim:0.55
cpe:/a:rob_flynn:gaim:0.52
cpe:/a:rob_flynn:gaim:0.57

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0384
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0384
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200210-025
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/5406
(VENDOR_ADVISORY)  BID  5406
http://www.redhat.com/support/errata/RHSA-2002-098.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2002:098
http://www.iss.net/security_center/static/9766.php
(VENDOR_ADVISORY)  XF  gaim-jabber-module-bo(9766)
http://www.redhat.com/support/errata/RHSA-2003-156.html
(UNKNOWN)  REDHAT  RHSA-2003:156
http://www.redhat.com/support/errata/RHSA-2002-122.html
(UNKNOWN)  REDHAT  RHSA-2002:122
http://www.redhat.com/support/errata/RHSA-2002-107.html
(UNKNOWN)  REDHAT  RHSA-2002:107
http://www.osvdb.org/3729
(UNKNOWN)  OSVDB  3729
http://online.securityfocus.com/advisories/4358
(UNKNOWN)  HP  HPSBTL0208-057
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054
(UNKNOWN)  MANDRAKE  MDKSA-2002:054

- 漏洞信息

Gaim Jabber Plug-In缓冲区溢出漏洞
高危 缓冲区溢出
2002-10-04 00:00:00 2005-05-13 00:00:00
远程  
        Gaim client 0.58之前版本的Jabber plug-in存在缓冲区溢出漏洞。远程攻击者可以利用该漏洞执行任意代码。

- 公告与补丁

        HP has released an advisory. Users are urged to download and install the RPMs provided in Red Hat Security Advisory RHSA-2002:098.
        Fixes are available:
        Rob Flynn Gaim 0.51
        
        Rob Flynn Gaim 0.56
        
        Rob Flynn Gaim 0.57
        

- 漏洞信息

3729
Gaim Jabber Plugin Buffer Overflow
Remote / Network Access Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown

- 漏洞描述

A potential remote overflow exists in Rob Flynn's gaim. GAIM fails to validate input resulting in a buffer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code on a client's machine resulting in a loss of integrity or denial of service.

- 时间线

2002-08-07 2002-08-05
Unknow Unknow

- 解决方案

Upgrade to version 0.58 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. Debian, RedHat, and Mandrake have also released independent patches.

- 相关参考

- 漏洞作者

- 漏洞信息

Gaim Jabber Plug-In Buffer Overflow Vulnerability
Boundary Condition Error 5406
Yes No
2002-08-06 12:00:00 2009-07-11 02:56:00
Discovery of this issue is credited to rwscott.

- 受影响的程序版本

Rob Flynn Gaim 0.57
Rob Flynn Gaim 0.56
Rob Flynn Gaim 0.55
Rob Flynn Gaim 0.54
Rob Flynn Gaim 0.53
Rob Flynn Gaim 0.52
Rob Flynn Gaim 0.51
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
Rob Flynn Gaim 0.59
+ Gentoo Linux 0.7
+ Gentoo Linux 0.5
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 8.2
+ Sun Linux 5.0
Rob Flynn Gaim 0.58
+ Debian Linux 3.0

- 不受影响的程序版本

Rob Flynn Gaim 0.59
+ Gentoo Linux 0.7
+ Gentoo Linux 0.5
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 8.2
+ Sun Linux 5.0
Rob Flynn Gaim 0.58
+ Debian Linux 3.0

- 漏洞讨论

The Gaim client Jabber messaging plug-in is prone to a buffer overflow condition. This condition may potentially be exploited by a remote attacker to execute arbitrary code as the user running the vulnerable client.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

HP has released an advisory. Users are urged to download and install the RPMs provided in Red Hat Security Advisory RHSA-2002:098.

Fixes are available:


Rob Flynn Gaim 0.51

Rob Flynn Gaim 0.56

Rob Flynn Gaim 0.57

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站