CVE-2002-0791
CVSS5.0
发布时间 :2002-08-12 00:00:00
修订时间 :2008-09-05 16:28:57
NMCOS    

[原文]Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.


[CNNVD]Novell NetWare NWFTPD远程绝服务攻击漏洞(CNNVD-200208-109)

        
        NWFTPD是一款Novell NetWare操作系统下的FTP服务程序。
        NWFTPD存在漏洞,可导致远程攻击者进行拒绝服务攻击。
        攻击者可以通过nc或者telnet连接FTP服务器,并开始阶段发送一回车数据可导致FTP服务器消耗大量系统资源,使的操作系统变的不稳定,产生拒绝服务。
        此漏洞测试于NetWare 6.0 SP 1和NetWare 5.1 SP 4的NWFTPD,其他版本也可能存在此漏洞。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:novell:netware:5.1:sp4Novell NetWare 5.1 SP4
cpe:/o:novell:netware:6.0:sp1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0791
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0791
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200208-109
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/4693
(VENDOR_ADVISORY)  BID  4693
http://www.iss.net/security_center/static/9034.php
(VENDOR_ADVISORY)  XF  netware-ftp-dos(9034)
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0059.html
(VENDOR_ADVISORY)  VULNWATCH  20020508 [VulnWatch] cqure.net.20020408.netware_nwftpd.a
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2962252.htm
(UNKNOWN)  MISC  http://support.novell.com/cgi-bin/search/searchtid.cgi?/2962252.htm
http://online.securityfocus.com/archive/1/271589
(UNKNOWN)  BUGTRAQ  20020508 Re: cqure.net.20020408.netware_nwftpd.a

- 漏洞信息

Novell NetWare NWFTPD远程绝服务攻击漏洞
中危 其他
2002-08-12 00:00:00 2005-10-20 00:00:00
远程  
        
        NWFTPD是一款Novell NetWare操作系统下的FTP服务程序。
        NWFTPD存在漏洞,可导致远程攻击者进行拒绝服务攻击。
        攻击者可以通过nc或者telnet连接FTP服务器,并开始阶段发送一回车数据可导致FTP服务器消耗大量系统资源,使的操作系统变的不稳定,产生拒绝服务。
        此漏洞测试于NetWare 6.0 SP 1和NetWare 5.1 SP 4的NWFTPD,其他版本也可能存在此漏洞。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 在升级FTP服务程序前关闭NWFTPD。
        厂商补丁:
        Novell
        ------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Novell Netware 5.1 SP4:
        Novell Upgrade nwftpd6.exe
        
        http://support.novell.com/servlet/betafiledownload?file=/ftf/nwftpd6.exe/

        Novell Netware 6.0 SP1:
        Novell Upgrade nwftpd6.exe
        
        http://support.novell.com/servlet/betafiledownload?file=/ftf/nwftpd6.exe/

- 漏洞信息

10934
Novell NetWare FTP Server NWFTPD Malformed Input DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-05-08 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Novell NetWare NWFTPD Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 4693
Yes No
2002-05-08 12:00:00 2009-07-11 12:46:00
Discovery of this issue is credited to Patrik Karlsson and Jonas Ländin.

- 受影响的程序版本

Novell Netware 6.0 SP1
Novell Netware 5.1 SP4

- 漏洞讨论

NWFTPD is the FTP server for Novell NetWare.

NWFTPD is prone to a denial of service condition. It has been reported that the FTP server reacts unpredictably when a client sends a carriage return at the beginning of a connection. As a result, the server may consume a large amount of resources which may cause the underlying system to become unstable.

This issue has been reported for NWFTPD running on NetWare 6.0 SP 1. It has also been reported for NWFTPD running on NetWare 5.1 SP 4. Other versions may also be affected.

- 漏洞利用

This may be exploited with a client utility such as netcat or telnet.

- 解决方案

The vendor has supplied an upgraded version of the ftp server. It is required that Netware 6.0 SP1 or Netware 5.1 SP4 be installed before applying the upgrade.


Novell Netware 5.1 SP4

Novell Netware 6.0 SP1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站