CVE-2002-0692
CVSS 7.5
Published: 2002-10-10 00:00:00
Last revised: 2008-09-10 15:12:43

[Original] Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.


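[CNNVD] Microsoft FrontPage Server Extensions SmartHTML Remote Buffer Overflow Vulnerability (MS02-053) (CNNVD-200210-244)

        Microsoft FrontPage Server Extensions is a software package developed by Microsoft to enhance the functionality of the IIS web server.
        The SmartHTML (shtml) interpreter component in Microsoft FrontPage Server Extensions does not properly filter and check user-submitted requests. A remote attacker can exploit this vulnerability to carry out a denial-of-service attack, and may be able to execute arbitrary instructions on the system with the privileges of the FrontPage process.
        The SmartHTML (shtml) interpreter is a component of Microsoft FrontPage Server Extensions and Microsoft SharePoint Team Services that provides support for web forms and other FrontPage-based dynamic content. The interpreter has a vulnerability in how it handles requests for a particular type of web file: if an attacker submits such a request containing special characters, then on FrontPage Server Extensions 2000 the request can cause the interpreter to consume most or all CPU time until the web service is restarted. On FrontPage Server Extensions 2002 and SharePoint Team Services 2002 systems, the same type of request can cause a buffer overflow, and may allow arbitrary instructions to be executed on the system with the privileges of the FrontPage process.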
        

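- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [likely to cause information disclosure]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]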

- CPE (affected platforms and products)

cpe:/o:microsoft:windows_2000::sp1:professional  Microsoft Windows 2000 Professional SP1
cpe:/o:microsoft:windows_2000::sp3:professional  Microsoft Windows 2000 Professional SP3
cpe:/o:microsoft:windows_xp:::home
cpe:/o:microsoft:windows_2000::sp1:server  Microsoft Windows 2000 Server SP1
cpe:/o:microsoft:windows_2000::sp3:advanced_server  Microsoft Windows 2000 Advanced Server SP3
cpe:/a:microsoft:frontpage_server_extensions:2002  Microsoft frontpage_server_extensions 2002
cpe:/o:microsoft:windows_xp::gold:professional  Microsoft Windows XP Professional Gold
cpe:/o:microsoft:windows_2000:::server
cpe:/o:microsoft:windows_2000::sp2:advanced_server  Microsoft Windows 2000 Advanced Server SP2
cpe:/o:microsoft:windows_2000::sp1:advanced_server  Microsoft Windows 2000 Advanced Server SP1
cpe:/o:microsoft:windows_2000::sp3:server  Microsoft Windows 2000 Server SP3
cpe:/o:microsoft:windows_2000::sp2:professional  Microsoft Windows 2000 Professional SP2
cpe:/o:microsoft:windows_2000:::advanced_server
cpe:/o:microsoft:windows_2000::sp2:server  Microsoft Windows 2000 Server SP2
cpe:/o:microsoft:windows_2000:::professional
cpe:/a:microsoft:frontpage_server_extensions:2000  Microsoft frontpage_server_extensions 2000
cpe:/o:microsoft:windows_xp::sp1:home

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0692
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0692
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200210-244
(Official data source) CNNVD

- Other links and resources

http://www.kb.cert.org/vuls/id/723537
(VENDOR_ADVISORY)  CERT-VN  VU#723537
http://www.microsoft.com/technet/security/bulletin/ms02-053.asp
(VENDOR_ADVISORY)  MS  MS02-053
http://www.iss.net/security_center/static/10195.php
(VENDOR_ADVISORY)  XF  fpse-smarthtml-interpreter-bo(10195)
http://www.securityfocus.com/bid/5804
(UNKNOWN)  BID  5804
http://www.iss.net/security_center/static/10194.php
(UNKNOWN)  XF  fpse-smarthtml-interpreter-dos(10194)

- Vulnerability information

Microsoft FrontPage Server Extensions SmartHTML Remote Buffer Overflow Vulnerability (MS02-053)
High risk  Boundary condition error
2002-10-10 00:00:00 2005-05-13 00:00:00
Remote
        
        

- Advisories and patches

        Temporary workarounds:
        If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
        * Use the IIS Lockdown Tool (http://www.microsoft.com/technet/security/tools/locktool.asp) to disable the SmartHTML interpreter.
        * IIS 4.0, 5.0 and 5.1 install FrontPage Server Extensions by default; if they are not needed, uninstall FrontPage Server Extensions.

        Vendor patches:
        Microsoft
        ---------
        Microsoft has released a security bulletin (MS02-053) and corresponding patches for this issue:
        MS02-053: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
        Link: http://www.microsoft.com/technet/security/bulletin/MS02-053.asp

        Patch downloads:
        * Microsoft FrontPage Server Extensions 2002 for all platforms
          http://download.microsoft.com/download/FrontPage2002/fpse1002/1/W98NT42KMeXP/EN-US/fpse1002.exe

        * Microsoft FrontPage Server Extensions 2000 for NT4
          http://download.microsoft.com/download/fp2000fd2000/Patch/1/W9XNT4Me/EN-US/fpse0901.exe

        * Microsoft FrontPage Server Extensions 2000 for Windows XP
          o http://www.microsoft.com/downloads/release.asp?ReleaseID=42995
          o Windows Update
            http://windowsupdate.microsoft.com/

        * Microsoft FrontPage Server Extensions 2000 for Windows 2000
          o http://www.microsoft.com/downloads/release.asp?ReleaseID=42954
          o Windows Update
            http://windowsupdate.microsoft.com/

- Vulnerability information

2306
Microsoft FrontPage Server Extensions SmartHTML Interpreter shtml.dll DoS
Denial of Service
Loss of Availability

- Vulnerability description

Microsoft FrontPage Server Extensions (FPSE), which are installed by default with IIS 4, 5 & 5.1, contain a DoS and buffer overflow vulnerability. The interpreter contains a flaw that could be exposed when processing a request for a particular type of web file. Such a request would cause the interpreter to consume most or all available CPU until the web service was restarted, or it could cause a buffer overflow allowing an attacker to execute arbitrary code.

- Timeline

2002-09-25 2002-09-25
2003-07-28 Unknown

- Solution

Uninstall FrontPage from default IIS 4, 5 & 5.1 installations, run the IIS Lockdown Tool (which, if used to configure a static web server, disables the SmartHTML Interpreter), or download patches from Microsoft.

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability
Boundary Condition Error 5804
Yes No
2002-09-25 12:00:00 2009-07-11 05:06:00
Discovery is credited to Maninder Bharadwaj of the Digital Defense Services part of Digital GlobalSoft Ltd.

- Affected software versions

Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
+ Avaya DefinityOne Media Servers
+ Avaya IP600 Media Servers
+ Avaya S3400 Message Application Server 0
+ Avaya S8100 Media Servers 0
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft FrontPage Server Extensions 2002
Microsoft FrontPage Server Extensions 2000
+ Microsoft Windows 2000 Advanced Server SP3
+ Microsoft Windows 2000 Advanced Server SP2
+ Microsoft Windows 2000 Advanced Server SP1
+ Microsoft Windows 2000 Advanced Server
+ Microsoft Windows 2000 Datacenter Server SP3
+ Microsoft Windows 2000 Datacenter Server SP2
+ Microsoft Windows 2000 Datacenter Server SP1
+ Microsoft Windows 2000 Datacenter Server
+ Microsoft Windows 2000 Professional SP3
+ Microsoft Windows 2000 Professional SP2
+ Microsoft Windows 2000 Professional SP1
+ Microsoft Windows 2000 Professional
+ Microsoft Windows 2000 Server SP3
+ Microsoft Windows 2000 Server SP2
+ Microsoft Windows 2000 Server SP1
+ Microsoft Windows 2000 Server
+ Microsoft Windows XP Home SP1
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional SP1
+ Microsoft Windows XP Professional

- Unaffected software versions

Microsoft Windows XP Professional SP1
Microsoft Windows XP Home SP1

- Vulnerability discussion

A vulnerability has been reported in the SmartHTML (shtml) interpreter component of FrontPage Server Extensions. In FrontPage Server Extensions 2000, the vulnerability is only exploitable as a denial of service. It is possible to cause consumption of CPU due to an infinite loop condition. This may adversely affect the server's ability to perform other functions. Remote attackers may exploit this vulnerability to execute arbitrary code on target hosts running FrontPage Server Extensions 2002. This is due to it being a buffer overflow condition.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Microsoft has released patches addressing this issue.


Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows XP Home
Microsoft FrontPage Server Extensions 2002
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows XP Home SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Server SP3
Microsoft FrontPage Server Extensions 2000
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Server SP1
Microsoft Windows XP Professional
Microsoft Windows 2000 Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Server

- Related references

 

 
