CVE-2002-1151
CVSS 7.5
Published: 2002-10-11 00:00:00
Last revised: 2016-10-17 22:24:09

[Original] The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.


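[CNNVD] KDE Konqueror Sub-Frame Script Execution Vulnerability (CNNVD-200210-270)

        The cross-site scripting protection of Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains of sub-frames and sub-iframes; a remote attacker can execute script and steal cookies from sub-frames that belong to other domains.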

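- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)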

cpe:/a:kde:konqueror:3.0.3
cpe:/o:kde:kde:3.0
cpe:/o:kde:kde:2.2.2
cpe:/a:kde:konqueror:3.0.2
cpe:/a:kde:konqueror:2.2.2
cpe:/a:kde:konqueror:3.0
cpe:/a:kde:konqueror:3.0.1
cpe:/o:kde:kde:3.0.3
cpe:/o:kde:kde:3.0.2
cpe:/o:kde:kde:3.0.1

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1151
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1151
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200210-270
(Official data source) CNNVD

- Other links and resources

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt
(UNKNOWN)  CALDERA  CSSA-2002-047.0
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000525
(UNKNOWN)  CONECTIVA  CLA-2002:525
http://marc.info/?l=bugtraq&m=103175850925395&w=2
(UNKNOWN)  BUGTRAQ  20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability
http://www.debian.org/security/2002/dsa-167
(VENDOR_ADVISORY)  DEBIAN  DSA-167
http://www.iss.net/security_center/static/10039.php
(VENDOR_ADVISORY)  XF  ie-sameoriginpolicy-bypass(10039)
http://www.kde.org/info/security/advisory-20020908-2.txt
(UNKNOWN)  CONFIRM  http://www.kde.org/info/security/advisory-20020908-2.txt
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php
(UNKNOWN)  MANDRAKE  MDKSA-2002:064
http://www.redhat.com/support/errata/RHSA-2002-220.html
(UNKNOWN)  REDHAT  RHSA-2002:220
http://www.redhat.com/support/errata/RHSA-2002-221.html
(UNKNOWN)  REDHAT  RHSA-2002:221
http://www.securityfocus.com/bid/5689
(VENDOR_ADVISORY)  BID  5689

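- Vulnerability information

KDE Konqueror Sub-Frame Script Execution Vulnerability
High risk  Cross-site scripting
2002-10-11 00:00:00 2005-05-13 00:00:00
Remote
        The cross-site scripting protection of Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains of sub-frames and sub-iframes; a remote attacker can execute script and steal cookies from sub-frames that belong to other domains.

- Advisories and patches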

        The vendor has addressed this issue with kdelibs-3.0.3a. Users are advised to upgrade. Patches have also been made available.
        MandrakeSoft has issued an advisory. Mandrake Linux 8.1 and 8.2 are vulnerable to this issue. Users are advised to download and install the appropriate RPMs. Further details may be found in the referenced advisory.
        RedHat has released an advisory, RHSA-2002:220-40, that contains many fixes. Information about obtaining and applying fixes is available in the referenced advisory.
        KDE KDE 2.2.1
        
        KDE KDE 2.2.2
        

- Vulnerability information

7867
KDE Konqueror Sub-Frame XSS
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability description

Konqueror contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the domains on sub-frames and sub-iframes. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- Timeline

2002-09-06 Unknown
Unknown Unknown

- Solution

KDE has released a patch to address this vulnerability. It is possible to correct the flaw by implementing the following workaround: disable Javascript or cookies.

- Related references

- Vulnerability credit

- Vulnerability information

KDE Konqueror Sub-Frames Script Execution Vulnerability
Design Error 5689
Yes No
2002-09-11 12:00:00 2009-07-11 05:06:00
This issue was publicized in a KDE Security Advisory.

- Affected software versions

KDE Konqueror 3.0.3
+ KDE KDE 3.0.3
KDE Konqueror 3.0.2
+ KDE KDE 3.0.2
KDE Konqueror 3.0.1
+ KDE KDE 3.0.1
KDE Konqueror 3.0
+ KDE KDE 3.0
KDE Konqueror 2.2.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
KDE KDE 3.0.3
+ Conectiva Linux 8.0
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 4.7 -STABLE
+ Mandriva Linux Mandrake 9.0
KDE KDE 3.0.2
+ Mandriva Linux Mandrake 8.2
KDE KDE 3.0.1
KDE KDE 3.0
+ Conectiva Linux 8.0
KDE KDE 2.2.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux Advanced Work Station 2.1
+ Sun Linux 5.0.7
+ Sun Linux 5.0.6
+ Sun Linux 5.0.5
KDE KDE 2.2.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
KDE KDE 3.0.3 a

- Unaffected software versions

KDE KDE 3.0.3 a

- Vulnerability discussion

When a browser window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domain.

It has been reported that Konqueror does not properly set the domain of sub-frames or sub-iframes. It is possible for a parent window to set the URL of frames or iframes within a child window regardless of the domain. This has serious security implications as the parent can cause script code to be executed within the context of the child domain.

Other software that uses the KHTML interpreter is also prone to this issue.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

The vendor has addressed this issue with kdelibs-3.0.3a. Users are advised to upgrade. Patches have also been made available.

MandrakeSoft has issued an advisory. Mandrake Linux 8.1 and 8.2 are vulnerable to this issue. Users are advised to download and install the appropriate RPMs. Further details may be found in the referenced advisory.

RedHat has released an advisory, RHSA-2002:220-40, that contains many fixes. Information about obtaining and applying fixes is available in the referenced advisory.


KDE KDE 2.2.1

KDE KDE 2.2.2

KDE KDE 3.0

KDE KDE 3.0.1

KDE KDE 3.0.2

KDE KDE 3.0.3

- Related references

     

     
